Trust-adapted enforcement of security policies in distributed component-structured applications

Peter Herrmann, Heiko Krumm

Universität Dortmund, FB Informatik, LS IV, D-44221 Dortmund
E-Mail: {Peter.Herrmann| krumm}@cs.tu-dortmund.de

Abstract

Software component technology on the one hand supports the cost-effective development of specialized applications. On the other hand, however, it introduces special security problems. Some major problems can be solved by the automated run-time enforcement of security policies. Each component is controlled by a wrapper which monitors the component's behavior and checks its compliance with the security behavior constraints of the component's employment contract. Since control functions and wrappers can cause substantial overhead, we introduce trust-adapted control functions where the intensity of monitoring and behavior checks depends on the level of trust, the component, its hosting environment, and its vendor have currently in the eyes of the application administration. We report on wrappers and a trust information service, shortly outline the embedding security model and architecture, and describe a Java Bean based experimental implementation.

Key Words

Software Components, Wrappers, Trust Management, Security Policy Enforcement, Trust Information Service

Published in

Proceedings of the 6th IEEE Symposium on Computers and Communications, pages 2-8, Hammamet, IEEE Computer Society Press, July, 2001.

Obtaining the paper

Due to the copyright agreement between the publisher and the authors we are not allowed to make the paper available online. If you have problems to obtain it, please call us.


Peter Herrmann, September 21, 2001 -- digital media copyright