Polymorphic Services for Secure and Context-dependent VHEs

Network services can be classified as public services or private services. Public services are offered to the anonymous public in the public part of the Internet, whereas private services are provided exclusively to selected user groups. Offering private services outside a secure intranet environment may constitute a security risk to the service provider. In this paper, we propose to increase security by using dynamically instantiated proxies that base their authorization decision for granting access to services on context information supplied by different sources. We call these proxies "polymorphic proxies". From the users’ point of view, the resulting global behavior is that of a "polymorphic service": Though well-defined and stable service interfaces are used, the service itself may show a situation-dependent behavior. We present the concept of Virtual Service Networks, in which polymorphic services are embedded, giving the service provider distinct control over service usage.