Distributed Middleware Enforcement of Event Flow Security Policy

Abstract : Distributed, event-driven applications that process sensitive user data and involve multiple organisational domains must comply with complex security requirements. Ideally, developers want to express security policy for such applications in data-centric terms, controlling the flow of information throughout the system. Current middleware does not support the specification of such end-to-end security policy and lacks uniform mechanisms for enforcement. We describe DEFCon-Policy, a middleware that enforces security policy in multi-domain, event-driven applications. Event flow policy is expressed in a high-level language that specifies permitted flows between distributed software components. The middleware limits the interaction of components based on the policy and the data that components have observed. It achieves this by labelling data and assigning privileges to components. We evaluate DEFCon-Policy in a realistic medical scenario and demonstrate that it can provide global security guarantees without burdening application developers.
Type de document :
Communication dans un congrès
Indranil Gupta; Cecilia Mascolo. ACM/IFIP/USENIX 11th International Middleware Conference (MIDDLEWARE), Nov 2010, Bangalore, India. Springer, Lecture Notes in Computer Science, LNCS-6452, pp.334-354, 2010, Middleware 2010. 〈10.1007/978-3-642-16955-7_17〉
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01055277
Contributeur : Hal Ifip <>
Soumis le : mardi 12 août 2014 - 11:36:19
Dernière modification le : mercredi 16 août 2017 - 17:20:49
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 22:45:15

Fichier

sf-mw10.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Matteo Migliavacca, Ioannis Papagiannis, David M. Eyers, Brian Shand, Jean Bacon, et al.. Distributed Middleware Enforcement of Event Flow Security Policy. Indranil Gupta; Cecilia Mascolo. ACM/IFIP/USENIX 11th International Middleware Conference (MIDDLEWARE), Nov 2010, Bangalore, India. Springer, Lecture Notes in Computer Science, LNCS-6452, pp.334-354, 2010, Middleware 2010. 〈10.1007/978-3-642-16955-7_17〉. 〈hal-01055277〉

Partager

Métriques

Consultations de la notice

96

Téléchargements de fichiers

98