TY - GEN
T1 - Distributed middleware enforcement of event flow security policy
AU - Migliavacca, Matteo
AU - Papagiannis, Ioannis
AU - Eyers, David M.
AU - Shand, Brian
AU - Bacon, Jean
AU - Pietzuch, Peter
PY - 2010
Y1 - 2010
N2 - Distributed, event-driven applications that process sensitive user data and involve multiple organisational domains must comply with complex security requirements. Ideally, developers want to express security policy for such applications in data-centric terms, controlling the flow of information throughout the system. Current middleware does not support the specification of such end-to-end security policy and lacks uniform mechanisms for enforcement. We describe DEFCON-POLICY, a middleware that enforces security policy in multi-domain, event-driven applications. Event flow policy is expressed in a high-level language that specifies permitted flows between distributed software components. The middleware limits the interaction of components based on the policy and the data that components have observed. It achieves this by labelling data and assigning privileges to components. We evaluate DEFCON-POLICY in a realistic medical scenario and demonstrate that it can provide global security guarantees without burdening application developers.
KW - Event-based middleware
KW - Information flow control
KW - Multi-domain distributed applications
KW - Security policy
UR - http://www.scopus.com/inward/record.url?scp=79956292393&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-16955-7_17
DO - 10.1007/978-3-642-16955-7_17
M3 - Conference contribution
AN - SCOPUS:79956292393
SN - 3642169546
SN - 9783642169540
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 334
EP - 354
BT - Middleware 2010 - ACM/IFIP/USENIX 11th International Middleware Conference, Proceedings
T2 - ACM/IFIP/USENIX 11th International Middleware Conference, Middleware 2010
Y2 - 29 November 2010 through 3 December 2010
ER -