Infrastructural Support for Enforcing and Managing Distributed Application-Level Policies
نویسندگان
چکیده
State-of-the-art security mechanisms are often enforced in isolation from each other, which limits the kinds of policies that can be enforced in distributed and heterogeneous settings. More specifically, it is hard to enforce application-level policies that affect, or use information from multiple distributed components. This paper proposes the concept of a Security Service Bus (SSB), which is a dedicated communication channel between the applications and the different security mechanisms. The SSB treats the security mechanisms as reusable, stand-alone security services that can be bound to the applications and it allows the enforcement of advanced policies by providing uniform access to application-level information. This leads to a security infrastructure that is more flexible and more manageable and that can enforce more expressive policies.
منابع مشابه
Using Attribute Certificates with Mobile Policies in Electronic Commerce Applications
1 This work was funded by the MITRE technology program under project number 51MSR871. Abstract Many electronic commerce applications including those developed for business-to-consumer (B2C) and business-to-business (B2B) uses, require operations in computing environments that are truly distributed. That is, users can request data access from multiple locations within a distributed computing sys...
متن کاملFactors Affecting Photovoltaic Technology Application in Decentralized Electricity Production in Iran: a Conceptual Framework
Using a variety of solar power plants is one of the solutions governments use to respond to energy and sustainable development needs. While Iran has a strong potential for using solar energy, the application of solar energy, especially through PV technology, has been limited due to the country’s richness of fossil fuels and their low prices. Therefore, it is important to adopt effective strateg...
متن کاملPersistence and Security Support for Distributed Systems with Mobile Software Objects Position Paper
Mobile software objects are autonomous computational entities that travel in large-scale and widely-distributed heterogeneous systems, and whose functionality can be attached to diverse computing environments. Incorporation of mobile objects into large-scale distributed systems introduces new challenges to distributed object management (sub)system (DOMS). In this paper we focus on two important...
متن کاملEnforcing Security Policies for Distributed Objects Applications
In this paper we present the design and the implementation of a policy engine for enforcing security policies for distributed applications. Such policies, represented by using the RBAC model, include both how the distributed, shared and replicated objects are used, by mean of role certificates and how these roles are managed by means of administrative roles. The policy engine can enforce not on...
متن کاملPolicy-Based Semantic Compliance Checking for Business Process Management
Compliance management, risk analysis, and auditing are disciplines that are critical for large scale distributed enterprise systems. The way these complex systems are developed and deployed makes the management and enforcement of enterprise goals or policies a hard task. This is also true for compliance management of business processes (BPs). Such an observation is emphasized if we give complia...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Electr. Notes Theor. Comput. Sci.
دوره 197 شماره
صفحات -
تاریخ انتشار 2008