Title :
Trust-adapted enforcement of security policies in distributed component-structured applications
Author :
Herrmann, Peter ; Krumm, Heiko
Author_Institution :
Fachbereich Inf., Dortmund Univ., Germany
Abstract :
Software component technology on the one hand supports the cost-effective development of specialized applications. On the other hand, however it introduces special security problems. Some major problems can be solved by the automated run-time enforcement of security policies. Each component is controlled by a wrapper which monitors the component´s behavior and checks its compliance with the security behavior constraints of the component´s employment contract. Since control functions and wrappers can cause substantial overhead, we introduce trust-adapted control functions where the intensity of monitoring and behavior checks depends on the level of trust, the component, its hosting environment, and its vendor have currently in the eyes of the application administration. We report on wrappers and a trust information service, outline the embedding security model and architecture, and describe a Java Bean based experimental implementation
Keywords :
Java; distributed processing; information systems; security of data; telecommunication security; Java Bean; application administration; automated run-time enforcement; behavior checks; control functions; distributed component-structured applications; embedding security architecture; embedding security model; employment contract; hosting environment; monitoring; overhead; security behavior constraints; security problems; software component technology; trust information service; trust-adapted control functions; trust-adapted security policies enforcement; wrapper; Application software; Automatic control; Computer architecture; Contracts; Data security; Information security; Information systems; Java; Monitoring; Runtime;
Conference_Titel :
Computers and Communications, 2001. Proceedings. Sixth IEEE Symposium on
Conference_Location :
Hammamet
Print_ISBN :
0-7695-1177-5
DOI :
10.1109/ISCC.2001.935347