RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems
Defining security policies is a crucial stage in the efficient implementation of security within mobile agent systems. To enforce these policies reliably, it is necessary to use formal techniques that offer enough flexibility and expressiveness and that support rigorous reasoning about the security of mobile agent systems.
The migration of an agent between several systems can lead to inconsistencies between its policy and the policy of the host system. These inconsistencies may require a dynamic reconfiguration of the security policies of the system and the agent. This reconfiguration cannot be efficient without the use of mechanisms that improve the modularity of the security code.
In this paper, we aim to dynamically enforce security policies in mobile agent systems in a modular and reliable way. For this purpose, we combine formal methods and aspect-oriented programming. We propose a three-step approach to enforce security policies in the form of aspects that will be generated through a reliable specification of security policies.
Keywords: Security policy, Mobile agent systems, Dynamic enforcement, Aspect-oriented programming