Abstract
The Self-Defending Object (SDO) concept extends the current object-oriented programming paradigm to specifically target the peculiar requirements of Security Aware Application (SAA) development. This paper discusses the SDO Distribution Architecture (SDODA) that enables the use of the SDO concept in development of distributed SAAs. Specifically the architecture overcomes the apparent incompatibility between the two programming models considered and the SDO concept that prevented the transfer of SDOs between SAA hosts. To demonstrate the applicability of both the architecture and the SDO concept itself, two versions of a distributed (Java) SAA were developed using orthogonal distributed programming models, the Web services and the Java RMI models. This paper deals with the implementation of the SDODA and the SDO concept in a Web services environment.
The successful use of the architecture demonstrated that the SDO concept can be used to simplify the implementation of application level mandatory access control in distributed SAAs.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Gates, B.: Bill Gates: Trustworthy Computing. Wired News (2002), http://www.wired.com/news/print/0,1294,49826,00.html
Department of Homeland Security: Build Security In home page (2006), http://buildsecurityin.us-cert.gov
Holford, J.W., Caelli, W.J., Rhodes, A.W.: The concept of self-defending objects in the development of security aware applications. In: 4th Australian Information Warfare and IT Security Conference, Adelaide, Australia (2003)
Holford, J.W., Caelli, W.J., Rhodes, A.W.: Using self-defending objects to develop security aware applications in Java. In: Estivill-Castro, V. (ed.) 27th Australasian Computer Science Conference, Dunedin, New Zealand. Conferences in Research and Practice in Information Technology, vol. 26, pp. 341–349. Australian Computer Society (2004)
Roy, J., Ramanujan, A.: Understanding web services. IT Pro., 69–73 (2001)
IBM, Microsoft: Security in a web services world: A proposed architecture and roadmap, version 1.0. Technical report, IBM and Microsoft (2002)
Nadalin, A., Kaler, C., Hallam-Baker, P., Monszillo, R.: Web Services Security: SOAP Message Security 1.0 (WS-Security 2004). Technical report, OASIS (2004), http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Holford, J.W., Caelli, W.J. (2006). The Role of the Self-Defending Object Concept in Developing Distributed Security-Aware Applications. In: Batten, L.M., Safavi-Naini, R. (eds) Information Security and Privacy. ACISP 2006. Lecture Notes in Computer Science, vol 4058. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11780656_16
Download citation
DOI: https://doi.org/10.1007/11780656_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35458-1
Online ISBN: 978-3-540-35459-8
eBook Packages: Computer ScienceComputer Science (R0)