Towards a configurable security architecture

摘要

Current security systems are either an integral part of the system they are protecting or a separate module external to the system. This paper describes an architecture for a security system that allows security components to be developed separately from the system they have to protect and then integrated into the system at a later stage. This means an organisation may select the required components based on its needs and `plug' these components into their systems. The paper describes the proposed architecture and demonstrates how it may be used to support various forms of discretionary and mandatory authorisation.