4 Future Directions
We have established the base foundation for security services in PLAN. A
number of possible implementation improvements could be made:
- Allow a signature to authEval to consist instead of a public key in
the case where privilege is only being restricted. In other words, if
a principal asks for less than default privilege, it should be granted
without question. This would improve the performance of the firewall, for
example.
- Improve the methodology for per-use security. The problem with the
current approach is that security enforcement code must pollute the
implementation of the service. For example, the check_put function
had to be added to enforce the resident service policy. This could be
improved in two ways:
  - Switch to a policy manager that answers more expressive queries, such
    as KeyNote [8]. In KeyNote, most of the code in the check_put function
    could be encoded in the query as either boolean data or callbacks.
    This causes less intrusion into the service code base.
  - Automatic insertion of policy checking code. This, again, causes less
    intrusion into normal service code.