The figure depicts a few security policies (SA1, SA2, and SA3) along with some policy domains (domain 1, domain 2, domain 3). The users A, and B belong to domain 1 and the users X and Y belong to domain 2. For the above scenario, the following is true
- If user A wants to talk to user B, they must conform to security policy 1
- If user X wants to talk to user Y, they must conform to security policy 2
- domain 1 and domain 2 are sub-domains of domain 3
- If a user in domain 1 wants to talk to domain 2, they must conform to the security policy 3
One concept that I like in this space is that of the extended domain policy. This policy is generally used when facilitating communication between a domain of stricter policies with that of a weaker one. In this case, the domain with the stronger policy extends their domain into the weaker domain policy, only allowing communication to be facilitated via that broker.
Being a Canadian citizen, a nice way to illustrate this is to compare and contrast airport customs between Canada and the US. When I travel to the US from Canada, I pass US customs in Canada. This is a great example of the extended domain concept at work. The US, believing their security requirements are much greater than Canada, will not let you board a plane destine for the US without first authorizing you.
Canada, on the other hand, acts more like a traditional inter-domain policy association. Canada enforces it's controls at it's own border.
In the business world, I think that the extended domain concept is an important one. One use case would be a corporate entity that owns several subsidiaries. Using the extended domain model, the entity could enforce strict control over communication into it's network by deploying trusted agents in each subsidiary to facilitate communication.
**Image taken from the book: Enterprise Security Architecture - Nicholas A Sherwood
No comments:
Post a Comment