Skip to Main content Skip to Navigation
Conference papers

Distributed Middleware Enforcement of Event Flow Security Policy

Abstract : Distributed, event-driven applications that process sensitive user data and involve multiple organisational domains must comply with complex security requirements. Ideally, developers want to express security policy for such applications in data-centric terms, controlling the flow of information throughout the system. Current middleware does not support the specification of such end-to-end security policy and lacks uniform mechanisms for enforcement. We describe DEFCon-Policy, a middleware that enforces security policy in multi-domain, event-driven applications. Event flow policy is expressed in a high-level language that specifies permitted flows between distributed software components. The middleware limits the interaction of components based on the policy and the data that components have observed. It achieves this by labelling data and assigning privileges to components. We evaluate DEFCon-Policy in a realistic medical scenario and demonstrate that it can provide global security guarantees without burdening application developers.
Document type :
Conference papers
Complete list of metadata

Cited literature [12 references]  Display  Hide  Download

https://hal.inria.fr/hal-01055277
Contributor : Hal Ifip <>
Submitted on : Tuesday, August 12, 2014 - 11:36:19 AM
Last modification on : Wednesday, August 16, 2017 - 5:20:49 PM
Long-term archiving on: : Wednesday, November 26, 2014 - 10:45:15 PM

File

sf-mw10.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Matteo Migliavacca, Ioannis Papagiannis, David M. Eyers, Brian Shand, Jean Bacon, et al.. Distributed Middleware Enforcement of Event Flow Security Policy. ACM/IFIP/USENIX 11th International Middleware Conference (MIDDLEWARE), Nov 2010, Bangalore, India. pp.334-354, ⟨10.1007/978-3-642-16955-7_17⟩. ⟨hal-01055277⟩

Share

Metrics

Record views

421

Files downloads

360