State-Based Security Policy Enforcement in Component-Based E-Commerce Applications

Software component technology supports the cost-effective development of e-commerce applications but also introduces special security problems. In particular, a malicious component is a threat to any application incorporating it. Wrappers are therefore of interest: they control the behavior of components at run time and enforce the application's security policies. The wrapper of a component monitors the component's behavior at its interfaces and checks its compliance with the security behavior constraints of the component's employment contract. We propose state-based security policy definitions, report on their suitable design, and illustrate their use by means of a component-structured e-procurement application.
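The following is an added illustration (not code from the paper) of the kind of run-time wrapper the abstract describes: it intercepts every call at a component's interface and checks it against a state-based policy before forwarding it. The e-procurement operations (request, approve, order, pay), the stand-in component, and the policy itself are assumptions made for this example.

```python
class PolicyViolation(Exception):
    """Raised when an interface call violates the policy in the current state."""

# State-based policy for the assumed e-procurement interface: each allowed
# (state, operation) pair maps to the state reached afterwards; any pair not
# listed is forbidden, so e.g. order() before approve() is rejected.
POLICY = {
    ("idle", "request"): "requested",
    ("requested", "approve"): "approved",
    ("approved", "order"): "ordered",
    ("ordered", "pay"): "idle",
}

class Procurement:
    """Stand-in component (constructed for this example); the wrapper does not
    trust its code and only sees the calls crossing this interface."""
    def request(self, item, amount): return f"requested {item} for {amount:.2f}"
    def approve(self, amount): return f"approved {amount:.2f}"
    def order(self, amount): return f"ordered for {amount:.2f}"
    def pay(self, amount): return f"paid {amount:.2f}"

class PolicyWrapper:
    """Intercepts every call at the component interface, checks it against the
    policy state (plus the approved amount), forwards only compliant calls and
    advances the state afterwards."""
    def __init__(self, component, policy):
        self._component = component
        self._policy = policy
        self.state = "idle"      # control state of the security automaton
        self.approved = 0.0      # data part of the state: amount approved so far

    def __getattr__(self, name):
        target = getattr(self._component, name)

        def guarded(*args, **kwargs):
            next_state = self._policy.get((self.state, name))
            if next_state is None:
                raise PolicyViolation(f"{name}() not allowed in state {self.state!r}")
            # Data-dependent constraint: spending may not exceed what was approved.
            if name in ("order", "pay") and args[0] > self.approved:
                raise PolicyViolation(f"{name}({args[0]}) exceeds approved {self.approved}")
            result = target(*args, **kwargs)   # forwarded only after the checks pass
            if name == "approve":
                self.approved = args[0]
            self.state = next_state
            return result

        return guarded
```

Because the wrapper sits between caller and component, a component that is malicious or buggy still cannot be driven through an order of calls, or an amount, that the policy forbids.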