Open AccessEnforcing Distributed Information Flow Policies Architecturally: The SAID Approach
Author(s) -
Arnab Ray
Publication year - 2005
Publication title -
lecture notes in computer science
Language(s) - English
Resource type - Book series
SCImago Journal Rank - 0.249
H-Index - 400
eISSN - 1611-3349
pISSN - 0302-9743
ISBN - 3-540-25630-X
DOI - 10.1007/11417019_9
Subject(s) - computer science , information flow , data flow diagram , security policy , architecture , software architecture , distributed computing , encode , software , systems architecture , software engineering , programming language , computer security , database , philosophy , linguistics , biochemistry , chemistry , visual arts , gene , art
Architectural security of a distributed system is best considered at design time rather than further down the software life cycle where it may become very expensive to make even minor modifications to the software architecture. In this paper we take Architectural Interaction Diagrams (AID) [9,8], an architecture description framework with an unique ability to encode communication efficiently and augment actions of AID components with security levels to produce SAID. This new architecture description language enables the designer to impose information flow restriction policies on system communications at design time which in turn allows a reduction of the information flow analysis problem for distributed systems to the simpler problem of information flow analysis of individual components of the distributed system.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom