Designing, Capturing and Validating History-Sensitive Security Policies for Distributed Systems

Published in Volume XXI, Issue 1, 2011, pages 107-149

Authors: A.M. Hernandez, F. Nielson, H. Riis-Nielson

Abstract

We consider the use of Aspect-oriented techniques as a flexible way to deal with security policies in distributed systems. We follow the approach of attaching security policies to the relevant locations that must be governed by them, and then combining them at runtime according to the interactions that happen. Recent work suggests using Aspects in this way to analyse the future behaviour of programs and to make access control decisions based on this; this gives the flavour of dealing with information flow rather than mere access control. We show in this paper that it is beneficial to augment this approach with history-based components, as is traditional in reference-monitor-based approaches to mandatory access control. Our developments are performed in an Aspect-oriented coordination language, aiming to describe the Bell-LaPadula policy as elegantly as possible. Furthermore, the resulting language has the capability of combining both history-sensitive and future-sensitive policies, providing even more flexibility and power. Moreover, we propose a global Logic for reasoning about the systems designed with this language. We show how the Logic can be used to validate the combination of security policies in a distributed system, either with or without exploring the entire state space.

Bibtex

@article{sacscuza:hernandez2011dcavhspfds,
  title={Designing, Capturing and Validating History-Sensitive Security Policies for Distributed Systems},
  author={A.M. Hernandez and F. Nielson and H. Riis-Nielson},
  journal={Scientific Annals of Computer Science},
  volume={21},
  number={1},
  organization={``A.I. Cuza'' University, Iasi, Romania},
  year={2011},
  pages={107--149},
  publisher={``A.I. Cuza'' University Press}
}