Here’s Your Lego™ Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need

  • Conference paper
Software Engineering and Middleware (SEM 2004)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 3437)

Abstract

By presenting a protection architecture for ASP.NET Web services, this paper demonstrates the feasibility of creating middleware mechanisms in the form of composable, flexible, and extensible building blocks. Like Lego™ constructor parts, such blocks enable the reduction of the effort of constructing, extending, and adjusting the application properties and middleware services in response to requirements or environment changes.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Beznosov, K. (2005). Here’s Your Lego™ Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need. In: Gschwind, T., Mascolo, C. (eds) Software Engineering and Middleware. SEM 2004. Lecture Notes in Computer Science, vol 3437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11407386_2

  • DOI: https://doi.org/10.1007/11407386_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25328-0

  • Online ISBN: 978-3-540-31975-7

  • eBook Packages: Computer Science, Computer Science (R0)
