Protection reconfiguration for reusable software

Secure distributed applications often include code to authenticate users, verify access rights, and establish secure communication channels between software components (e.g., clients and servers). This code is often specific to the application and to the context in which the application is used. Embedding protection definitions in the application code makes it difficult to reuse because different applications often have very different protection constraints. We argue that protection definitions should be specified separately from application code in order to facilitate protection reconfiguration and software reuse. This separation may be achieved by specifying protection definitions in a Protection Interface Definition Language, and is implemented by proxies installed between software components that are executing in different protection contexts (e.g., between client and server). Mechanisms for creation and dynamic installation of protection proxies have been implemented in a distributed shared memory system, and the viability of our solution is demonstrated by a simple name server, which is currently being reused in three different protection contexts