Channel: Publications of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE)

Architecting a Computerized Patient Record with Distributed Objects


Architectural Separation of Authorization and Application Logic in Distributed Systems

Security is an essential feature and foremost concern of enterprise software systems. Today, application-level access control (and other security) functions are based on complex, fine-grain and/or context-dependent policies, and thus are largely embedded in application systems. This results in multiple-point security control, which makes system integration and security administration tremendously difficult, costly and error-prone. In this talk, we present our ongoing effort to address the above problems and to achieve the objectives of application access control by integrating the latest results in distributed object technology and software security under an architecture-centered approach for system composition. The main direction of our approach is the development of an open, adaptive and application-independent distributed authorization service based on emerging middleware standards such as CORBA. The service provides authorization decisions to distributed application systems. It establishes the structural basis for system composition, and for ensuring overall performance, availability and reliability of enterprise-wide authorization services. The use of an external authorization service promises to overcome most of the drawbacks of coupling authorization logic with application logic. The same approach might be generalized and applied to other security properties of distributed application systems. However, several important questions have to be addressed before the approach can be considered viable. We expect the study to show (1) whether the architectural separation of functional and non-functional system properties is viable for contemporary distributed computing technologies in general, and (2) whether authorization logic can be effectively decoupled from application logic in particular. The research has direct implications for the practice of constructing distributed application systems.
The talk was given at:
* Department of Computer Science, Middlesex College, The University of Western Ontario, London, ON, Canada, 30 May.
* Department of Computer Science, York University, Toronto, ON, Canada, 29 May.
* IBM Zurich Research Laboratory, Rüeschlikon, Switzerland, 22 May.
* Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas, TX, USA, 1 May.
* Computer and Information Sciences Department, Temple University, Philadelphia, PA, USA, 11 April.

Architecture of Information Enterprises: Problems and Perspectives

Current problems, constraints, goals, and approaches in developing the architecture of information enterprises are reviewed. Research directions for solving the main problems of the information enterprise architecture field are proposed.

Supporting End-to-end security Across Proxies with Multiple-channel SSL

Secure Socket Layer (SSL) has functional limitations that prevent end-to-end security in the presence of untrusted intermediary application proxies used by clients to communicate with servers. This paper introduces Multiple-Channel SSL (MC-SSL), an extension of SSL, and describes and analyzes the design of the MC-SSL proxy channel protocol, which enables support for end-to-end security of client-server communications in the presence of application proxies. MC-SSL is able to securely negotiate multiple virtual channels with different security characteristics, including application proxy and cipher suite.

Architecture-Centered Composition of Adaptive and Dependable Enterprise Security Services

Security is an essential feature and foremost concern of enterprise software systems. Today, application-level security functions, e.g. access control based on complex, fine-grain and/or context-dependent security policies, are largely embedded in application software. This results in multiple-point security control, which makes system integration and security administration tremendously difficult, costly and error-prone. No effective and scalable means exist to systematically classify, precisely predict and measure end-to-end properties (e.g. completeness and assurance of security policies) of enterprise security services. In this talk, we present our ongoing effort to address the above problems by integrating the latest results in distributed object technology, formal methods and software security under an architecture-centered approach for system composition. Our objective is threefold: supporting uniform management and dynamic composition of security policies, supporting dynamic composition of enterprise security services and applications, and in the meantime, assuring system-wide properties and quality attributes during design and evolution of the systems. Our approach has the following integrated elements:
1. Developing an open, adaptive and application-independent distributed architecture for enterprise security services based on emerging middleware standards, e.g. CORBA. Such an architecture provides the structural basis for system composition, and for ensuring performance, availability and reliability of the security services.
2. Developing constraint patterns based on the architecture, which systematically classify and define the required end-to-end properties of the security service, and its composability against those properties. These constraint patterns provide the behavioral basis for the composition.
3. Developing adaptive and scalable modeling and analysis methods to describe the structural and behavioral composition of the security services and to verify their conformance to the architectural constraints during system design and evolution.
Our preliminary results on this research are presented, and open issues discussed.

Attribute Function: an Enabler for Effective Inexpensive Application-specific Security Decisions

Security is an essential feature and foremost concern of Internet and enterprise distributed software applications. However, the adoption of secure distributed applications by commercial and government organizations is considerably hampered by the prohibitively high cost of ownership and the inability to support real-world security requirements adequately. New methods for designing security mechanisms for large-scale distributed applications are necessary, both to lower the ownership cost of the applications and to make them more adequate for real-world security requirements. In this talk, I will discuss plans for near-term research on testing the hypothesis that the attribute function (AF), which I have recently proposed, allows effective use of application-specific factors in security policy decisions without expensive coupling between the decision function and the application. As an addition to the traditional decision and enforcement functions present in most security mechanisms (e.g., access control, data protection, and security audit), AF is introduced to provide application-specific information to these functions.

BHS Information Enterprise Architecture

Client-Server Semantic Binary Database: Design and Development

This paper describes the design and implementation of a client-server architecture for the Semantic Binary Database Management System developed at the High Performance Database Research Center, Florida International University. We present a conceptual view of the system architecture, give a detailed picture of the layers responsible for client-server interaction, describe implementation issues, and, if time constraints allow, present performance test results.

Computer and Distributed Security: Introductory Overview for Researchers

Outline:
- What is security of computer systems
- Security and usability
- The main challenge for security
- Threats, Vulnerabilities, and Attacks
- Security Concerns
- Distributed Security
- Security Functionalities
- Summary
- References

CORBAmed Security White Paper

The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAmed meetings. This report focuses on the practical topic of how CORBAmed RFPs for services can go forward while accounting for security requirements. As we have found out, the exact nature of what is encompassed in the use of the word security can vary from person to person. Even if we start with a specific definition of security, requirements will also vary across a spectrum of viewpoints.

CPR Security CORBA-based Security and Intranet Services

Intranet information services based on technologies such as the WWW will continue to grow. Not every intranet service is, or will be, based on the CORBA architecture. Some will continue to use plain HTML/CGI solutions. Integration of the latter into a CORBA-based computerized patient record (CPR) (and, in general, enterprise) security infrastructure is required. This document presents a solution to this problem.

Design

Learning objectives:
* understand the principles of engineering secure systems.
* make effective use of security constructs provided by current technologies.
* trade off security against usability requirements.
* design for secure operability.
Overview: Considerations such as which security constructs to use, when and where to place trust, and how to make trade-offs in the design of secure systems are given center stage. Initially, the principles of engineering secure systems are revised:
* trusted computing base,
* defense in depth,
* separation of policies and mechanisms,
* least privilege,
* minimal attack surface,
* fail-safe defaults,
* economy of mechanism,
* complete mediation,
* open design,
* separation of privilege,
* least common mechanism,
* psychological acceptability.
After which, the following design issues are reviewed:
* aspects of the design of administrative access,
* default installation,
* logging.

Design and Implementation of Resource Access Decision Server

Decoupling authorization decision logic from applications enables the implementation of complex and consistent access control policies across heterogeneous systems. However, this is difficult, if not impossible, to implement by exclusively using general-purpose infrastructures such as the CORBA Security Service. In response to this limitation of the CORBA Security Service, the Object Management Group (OMG) has adopted the Resource Access Decision (RAD) Facility, an authorization service for distributed systems, as a pre-final standard. By using the RAD facility, developers can implement systems with authorization logic decoupled from application-specific logic and with decentralized evaluation and administration of the access policies. This report documents the design and implementation of a Resource Access Decision (RAD) facility. The report covers the different components that comprise a RAD system, their designs, functions and interdependencies. The RAD prototype allows studying the validity of the framework and conducting experiments in the research of distributed access control. Since the design of the prototype is heavily influenced by design patterns, the prototype can easily be maintained and augmented with more complex access control mechanisms.

Engineering Access Control for Distributed Enterprise Applications

Access control (AC) is a necessary defense against a large variety of security attacks on the resources of distributed enterprise applications. However, to be effective, AC in some application domains has to be fine-grain, support the use of application-specific factors in authorization decisions, and consistently and reliably enforce organization-wide authorization policies across enterprise applications. Because the existing middleware technologies do not provide a complete solution, application developers resort to embedding AC functionality in application systems. This coupling of AC functionality with application logic causes significant problems, including tremendously difficult, costly and error-prone development, integration, and overall ownership of application software. The way AC for application systems is engineered needs to be changed. In this dissertation, we propose an architectural approach for engineering AC mechanisms to address the above problems. First, we develop a framework for implementing the role-based access control (RBAC) model using the AC mechanisms provided by CORBA Security. For those application domains where the granularity of CORBA controls and the expressiveness of the RBAC model suffice, our framework addresses the stated problem. In the second and main part of our approach, we propose an architecture for an authorization service, RAD, to address the problem of controlling access to distributed application resources when the granularity and support for complex policies by middleware AC mechanisms are inadequate. Applying this architecture, we developed a CORBA-based application authorization service (CAAS). Using CAAS, we studied the main properties of the architecture and showed how they can be substantiated by employing CORBA and Java technologies. Our approach enables a wide-ranging solution for controlling the resources of distributed enterprise applications.

Engineering Application-level Access Control in Distributed Systems

This chapter discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. It reviews application-level access control available in existing middleware technologies, discusses open problems in these technologies, and surveys research efforts to address the problems.

Enterprise Security with EJB™ and CORBA®

This book shows you how to apply enterprise security integration (ESI) to secure your enterprise from end-to-end, using theory, examples, and practical advice. We present material on how to use the programming tools and models, and how to understand the specifications that are available to build a secure system. We present the theory behind the models and explain the thinking behind many of the security specifications that are at the forefront of the technology today. Our emphasis is in showing you how to build and understand the complexities of an end-to-end secure enterprise system. Consequently, we do not cover in-depth some of the more arcane aspects of security such as cryptography, PKI, or how to build the security services themselves. We discuss these specialized security technologies in the context of their use in a distributed system so that you can judge how and where to use them. This book gives you both a detailed technical understanding of the major components of an end-to-end enterprise security and a broad description of how to deploy and use these technologies to secure your corporation and its interaction with the outside world.

Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services

This presentation reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services. The limitations of Microsoft ASP.NET container security mechanisms render them inadequate for hosting enterprise-scale applications that have to be protected according to diverse and/or complex application-specific security policies. In this presentation, we report on our experience of designing and implementing a component-based architecture for protecting enterprise-grade Web service applications hosted by ASP.NET. Due to its flexibility and extensibility, this architecture enables the integration of ASP.NET into the organizational security infrastructure with less effort by Web service developers. The architecture has been implemented in a real-world security solution. This paper also contributes a best practice on constructing flexible and extensible authentication and authorization logic for Web services by using the Resource Access Decision and Attribute Function (AF) architectural styles. Furthermore, the lessons learned from our design and implementation experiences are discussed.

eXtreme Security Engineering: On Employing XP Practices to Achieve “Good Enough Security” without Defining It

This paper examines the practices of eXtreme Programming (XP) with regard to their application to the development of security solutions. We introduce eXtreme Security Engineering (XSE), an application of XP practices to security engineering, and discuss its potential benefits and scope of applicability. We argue that XSE could help achieve "good enough security" while avoiding defining a priori what it is.