3 research outputs found
Dependable Management of Untrusted Distributed Systems
The conventional approach to the online management of distributed
systems---represented by such standards as SNMP for network management, and
WSDM for systems based on service oriented computing (SOC)---relies on the
components of the managed system to cooperate in the management process, by
providing the managers with the means to monitor their state and activities,
and to control their behavior. Unfortunately, the trust thus placed in the
cooperation of the managed components is unwarranted for many types of
systems---such as systems based on SOA---making the conventional management of
such systems unreliable and insecure.
This paper introduces a radically new approach to the management of
distributed systems, called governance-based management (GBM), which is based
on a middleware that can govern the exchange of messages between system
components. GBM has a substantial ability to manage distributed systems, in a
reliable and secure manner, even without any trustworthy cooperation of the
managed components.
And it can fully incorporate the conventional management techniques wherever
such cooperation can be trusted. GBM also supports a reflexive mode of
management, which manages the management process itself, making it safer.
However, GBM is still a work in progress, as it raises several open problems
that need to be addressed before this management technique can be put into
practice.
LPOP: Challenges and Advances in Logic and Practice of Programming
This article describes the work presented at the first Logic and Practice of
Programming (LPOP) Workshop, which was held in Oxford, UK, on July 18, 2018, in
conjunction with the Federated Logic Conference (FLoC) 2018. Its focus is
challenges and advances in logic and practice of programming. The workshop was
organized around a challenge problem that specifies issues in role-based access
control (RBAC), with many participants proposing combined imperative and
declarative solutions expressed in the languages of their choice.
Comment: arXiv admin note: substantial text overlap with arXiv:1804.10247 by
other author
A policy-oriented language for expressing security specifications
Organizations' authorization policies are usually described by access control rules enforced on each protected object scattered all over the organization. Having a single global security policy specification would promote both security clarity and coherency [4, 9, 18, 31, 37]. However, having a single security model for the whole organization, with a single point of management and enforcement and an innumerable set of unknown users, does not scale well. Both the policy enforcement and the mapping of unknown users to known entities [28] can be decoupled from the specification; thus, having a single global security policy decoupled from the enforcement and from the mapping of unknown users promotes clarity and coherency without compromising scalability. This work presents a security policy language which is able to express simultaneously many different types of models, which is essential to handle all the policies used in a complex organization. The proposed language can express the concepts of permission and prohibition, and some restricted forms of obligation. We show how to express and implement obligation using the transaction concept. We also address the problem of incoherent policies and show how to efficiently enforce the security policies expressed by the language with a security access monitor, implemented in Java, including history-based and obligation-based security policies.