Data Protection and Security

VI

Operating System Security and Secure Programming

VI.I

Motivation

You have been given the task of implementing “security” in an IT system. You consider different options for formulating an access control policy and a security model and choose the most appropriate ones. Now you have to answer two questions to proceed:

Where should access control be located?
Does your solution force you to consider additional protection requirements?

There are two good reasons to place security in lower layers:

It may be possible to evaluate security to a higher level of assurance.
Putting security mechanisms into the core of the system reduces performance overheads caused by security.

«previous session

[1]

next session »

proceed to next section »

chapter index