Abstract
The wide-spread use of different distributed systems platforms and security technologies today makes the integration of distributed applications and the migration of existing applications to new technologies increasingly difficult. Model driven software development approaches try to tackle this problem by first modelling the application logic independent of technologies, and then by mapping this model to the technology. Security in distributed systems faces a similar problem because there are many different platforms and security technologies that need to be integrated. This paper illustrates how the concepts of model driven software engineering can be applied to security, and we present OpenPMF, our flexible, model-driven security framework in which a technology-independent abstract representation of the security policy is stored in a technology-independent policy repository, which is integrated with the underlying platform and security technology in a well-defined and flexible manner. Our architecture takes into account the separation of functional and non-functional properties of distributed applications. We also discuss the integration of our system with CORBA and CORBA Components.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
COACH Consortium. Component Based Open Source Architecture for Distributed Telecom Applications. http://www.ist-coach.org. May 2003
Damianou, N., Dulay, N., Lupu, E., Sloman, M. Ponder: A Language for Specifying Security and Management Policies for Distributed Systems, Imperial College (UK) Research Report DoC 2000/1, October 2000
Epstein, P, and Sandhu, R. Towards a UML-Based Approach to Role Engineering. In Proceedings of the Fourth ACM Workshop on Role-Baased Access Control, pages 135–143, ACM Press, 1999
IKV. Meta Model Management — M3 http://www.ikv.de/content/Produkte/meta20model20management_e.htm, May 2003
ürjens, J. Towards Development of Secure Systems using UMLsec. In H. Hussmann, editor. Fundamental Approaches to Software Engineering, 4th, International Conference, Proceedings, LNCS, pages 187–200, Springer, 2001
Lampson, B., Abadi, M., Burrows, M., Wobber, E. Authentication in Distributed Systems: Theory and Practice.ACM Transactions on Computer Systems 10, 4, pp 265–310, November 1
Lang, U., Gollmann, D., and Schreiner, R. Verifiable Identifiers in Middleware Security. 17th Annual Computer Security Applications Conference (ACSAC) Proceedings, pp. 450–459, IEEE Press, December 2001
Lang, U. Access Policies for Middleware, PhD Dissertation, Computer Laboratory, University of Cambridge, UK, February 2003
Lodderstedt, T., Basin, D., and Doser, J. SecureUML: A UML-Based Modeling Language for Model-Driven Security, In: J.-M. J éz équel, H. Hussmann, S. Cook (Eds.): UML 2002 — The Unified Modeling Language. 5th International Conference, Dresden, Germany, September 30 — October 4, 2002. Proceedings, Lecture Notes in Computer Science, LNCS 2460, Springer, September 2002.
MICOSec Team. MICOSec CORBA Security Service Web Page, http://www.micosec.org/, May 2003
Object Management Group. Model Driven Architecture Web Page. http://www.omg.org/mda. Needham, MA, May 2003
Object Management Group. Catalog of OMG Specifications. November 2003, http://www.omg.org/technology/documents/spec_catalog.htm
OpenCCM Team. OpenCCM Project Web Page, http://www.objectweb.org/openccm/, May 2003
Qedo Team. Qedo (Quality-Enabled Distributed Objects) CCM Implementation Web Page, http://qedo.berlios.de/, May 2003
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2004 Friedr. Vieweg & Sohn Verlagsgesellschaft/GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Lang, U., Schreiner, R. (2004). OpenPMF: A Model-Driven Security Framework for Distributed Systems. In: ISSE 2004 — Securing Electronic Business Processes. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-84984-7_15
Download citation
DOI: https://doi.org/10.1007/978-3-322-84984-7_15
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-05910-1
Online ISBN: 978-3-322-84984-7
eBook Packages: Springer Book Archive