Evolving Security Requirements in Multi-layered Service-Oriented-Architectures

Idrees, Muhammad; Serme, Gabriel; Roudier, Yves; Oliveira, Anderson Santana de; Grall, Hervé; Südholt, Mario

doi:10.1007/978-3-642-28879-1_13

Cited by 4 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several works apply AOP for building inline reference monitors for access control, such as [19,25,8] or to specify other requirements such as availability [6]. The particularity in our approach is its application to the information flow in a distributed systems, which requires the use of specific aspect mechanisms [13].…”

Section: Related Workmentioning

confidence: 99%

HiPoLDS: A Security Policy Language for Distributed Systems

Dell’Amico

Serme²,

Idrees

et al. 2012

Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems

Self Cite

View full text Add to dashboard Cite

Expressing security policies to govern distributed systems is a complex and error-prone task. Policies are hard to understand, often expressed with unfriendly syntax, making it difficult to security administrators and to business analysts to create intelligible specifications. We introduce the Hierarchical Policy Language for Distributed Systems (HiPoLDS). HiPoLDS has been designed to enable the specification of security policies in distributed systems in a concise, readable, and extensible way. HiPoLDS's design focuses on decentralized execution environments under the control of multiple stakeholders. Policy enforcement employs distributed reference monitors who control the flow of information between services. HiPoLDS allows the definition of both abstract and concrete policies, expressing respectively high-level properties required and concrete implementation details to be ultimately introduced into the service implementation.

show abstract