Description of work
MULTIPOL will provide an innovative, modular and consistent security suite to implement strong security features between independently-administered domains. This set of modules will implement coherent authorization features, taking into account that each domain is enforcing its own security policy.
The studies carried out in the project and the deliverables will provide the core modules that will implement the authorization mechanisms in each security domain: a Policy Administration Point and a Policy Decision Point, linked to Enforcement Points.
Multiple innovative mechanisms for inter-domain security policy
Then the project will target runtime mechanisms that deal with authorization decisions taken at the time a resource is accessed and that are particular to the situation of the access between domains.
Finally, other modules will be created to work at the policy management level, in order to compare the policies of the different domains and propose actions to be applied by the policy administration point and the policy decision point. A semantic approach will be taken to support these innovative principles.
The project will also address the standardization space, in order to assess the applicability of emerging standards and influence standardization bodies. Non-technical aspects, such as organisational, business, legal and deployment aspects, will be studied to better assist the establishment of the multi-domain co-operation.