Rule-Based Run-Time Information Flow Control in Service Cloud

Service cloud provides added value to customers by allowing them to compose services from multiple providers. Most existing web service security models focus on the protection of individual web services. When multiple services from different domains are composed together, it is critical to ensure proper information flow along the chain of services. In a service chain, each service needs to determine whether its sensitive information can be directly or indirectly disseminated to the subsequent services. Also, each service in the chain needs to decide whether to accept the data passed to it directly or indirectly from prior services. Moreover, the input data that service s_i receives from s_{i-1}, s_i.InF, may cause certain side effects inside s_i, such as updating s_i's backend database using data computed from s_i.InF. Service s_i may wish to allow such side effects in one situation while rejecting some side effects in another. All these decisions should be made based on the service's information flow control policies. To achieve fine-grained information flow control, it is also necessary to analyze the flow and processing of the data and derive the dependencies between the data dynamically generated or used in a service chain. In this paper, we develop a run-time information flow control model for service cloud. First, we develop a run-time dependency analysis mechanism which enables each service in the service chain to determine the correlation between the locally accessed data and the data dynamically generated by the services in the service chain. Then, we develop a model that enables each service in a service chain to specify policies on how its sensitive information can be released to its subsequent services, what types of input data from prior services can be accepted, and how they can flow within the service. Finally, we design a run-time protocol to enforce these policies in a service chain.
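The three decisions named in the abstract (release, acceptance, side effects) can be illustrated with a small dependency-tracking sketch. This is an added example, not the paper's model or protocol: the `Datum`/`Service` classes, the policy fields, and the three-service chain are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Datum:
    value: str
    deps: frozenset  # every origin this value was derived from, directly or indirectly

@dataclass
class Service:  # hypothetical policy fields, not the paper's notation
    name: str
    release_to: set        # services that may receive data derived from this service
    accept_from: set       # origins this service accepts input from
    side_effect_from: set  # origins allowed to influence local state
    store: list = field(default_factory=list)  # stands in for the backend database

def run_chain(chain, client_value):
    """Walk the chain, enforcing each service's policies; return the decision log."""
    by_name = {s.name: s for s in chain}
    datum, log = Datum(client_value, frozenset({"client"})), []
    for i, svc in enumerate(chain):
        # Acceptance: every origin the input depends on must be acceptable.
        if not datum.deps <= svc.accept_from:
            log.append((svc.name, "input rejected"))
            return log
        # Side effects: only inputs from trusted origins may update local state.
        if datum.deps <= svc.side_effect_from:
            svc.store.append(datum.value)
            log.append((svc.name, "side effect allowed"))
        else:
            log.append((svc.name, "side effect suppressed"))
        # The output depends on the input's origins plus this service.
        datum = Datum(f"{svc.name}({datum.value})", datum.deps | {svc.name})
        if i + 1 < len(chain):
            nxt = chain[i + 1].name
            # Release: every service the output derives from must permit the next hop.
            blockers = sorted(d for d in datum.deps
                              if d in by_name and nxt not in by_name[d].release_to)
            if blockers:
                log.append((svc.name, f"release to {nxt} blocked by {blockers}"))
                return log
    return log

def demo_chain(a_release_to):
    """Constructed three-service chain A -> B -> C; only A's release policy varies."""
    return [
        Service("A", set(a_release_to), {"client"}, {"client"}),
        Service("B", {"C"}, {"client", "A"}, {"client"}),
        Service("C", set(), {"client", "A", "B"}, {"client", "A", "B"}),
    ]
```

With `demo_chain({"B"})`, B's own policy allows release to C, but the flow stops at B because its output still depends on A's data: the indirect dissemination case.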
