This paper present a software tool and a framework for security protocol change management. While it focus on trust negotiation protocols in this paper, many of the ideas are generally applicable to other types of protocols. Trust negotiation is a flexible approach to access control that is well suited to dynamic environments typical of service-oriented applications. However, managing the evolution of trust negotiation protocols is a difficult problem that has not been sufficiently addressed, especially in situations where there are ongoing negotiations. By using the framework, the consequences of changing the protocol that applies to ongoing trust negotiations can be automatically determined.
Did you find this white paper useful?
25 out of 44 users found this white paper useful
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Homeland Security Communicatoins: No Compromise
This webcast explains who needs to protect conversations, what information needs to be protected, how information is compromised and what the consequences are, how conversations can be protected, why secure...
Symantec Managed Security Services Successfully Protects Clients From the "Slammer Worm"
Slammer exploited a six-month-old vulnerability in the Microsoft SQL Server, affecting Windows NT, 2000, and XP systems running unpatched Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 applications....
Wausau Financial Systems Assists Pakistan With National Identification Program
Beginning in 1998, through a special legislative ordinance from the President of Pakistan, a National Database and Registration Authority (NADRA) was established to build the national security and protection of...
U.S. Bancorp: Using VeriSign to Further Strengthen Its Network Security
US Bancorp (NYSE: USB), the sixth largest financial services holding company in the United States, a Fortune 500 company with assets in excess of $189 billion, invested heavily in network...
