Open AccessInfrastructural Support for Enforcing and Managing Distributed Application-Level Policies
Author(s) -
Tom Goovaerts,
Bart De Win,
Wouter Joosen
Publication year - 2008
Publication title -
electronic notes in theoretical computer science
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.242
H-Index - 60
ISSN - 1571-0661
DOI - 10.1016/j.entcs.2007.10.012
Subject(s) - computer science , enforcement , computer security , security policy , security service , computer security model , isolation (microbiology) , mandatory access control , state (computer science) , network security policy , access control , service (business) , information security , business , role based access control , microbiology and biotechnology , algorithm , political science , law , biology , marketing
State-of-the-art security mechanisms are often enforced in isolation from each other, which limits the kinds of policies that can be enforced in distributed and heterogeneous settings. More specifically, it is hard to enforce application-level policies that affect, or use information from multiple distributed components. This paper proposes the concept of a Security Service Bus (SSB), which is a dedicated communication channel between the applications and the different security mechanisms. The SSB treats the security mechanisms as reusable, stand-alone security services that can be bound to the applications and it allows the enforcement of advanced policies by providing uniform access to application-level information. This leads to a security infrastructure that is more flexible and more manageable and that can enforce more expressive policies.status: publishe
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom