Abstract
Defining security policies is a crucial stage for an efficient implementation of security within mobile agent systems.To enforce these policies in a reliable way, it is necessary to make use of formal techniques which offer enough flexibility and expressiveness, and which provide a rigorous reasoning about the security of mobile agent systems security.
The migration of the agent between several systems can lead to inconsistencies between its policy and the policy of the system. These incoherencies may require a dynamic reconfiguration of the security policies of the system and the agent. This reconfiguration cannot be efficient without the use of mechanisms that improve the modularity of the security code.
In this paper, we aim to dynamically enforce security policies in mobile agent systems in modular and reliable way. For this purpose, we combine formal methods and aspect oriented programming. We propose a three-step approach to enforce security policies in the form of aspects that will be generated through a reliable specification of security policies.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C.V., Loingtier, J., Irwin, J.: Aspect-Oriented Programming. In: Aksit, M., Matsuoka, S. (eds.) ECOOP 1997. LNCS, vol. 1241, pp. 220–242. Springer, Heidelberg (1997)
Viega, J., Bloch, J.T., Ch, P.: Applying aspect-oriented programming to security. Cutter IT Journal 14, 31–39 (2001)
Talhi, C.: Memory-Constrained Security enforcement. PhD thesis, Faculty of Graduated Studies at Laval University, Canada (2007)
Erlingsson, U., Schneider, F.B.: SASI enforcement of security policies: A retrospective. In: Proceedings of the 1999 Workshop on New Security Paradigms, pp. 87–95. ACM, New York (1999)
Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3, 30–50 (2000)
Woodcock, J., Davies, J.: Using Z: Specification Refinement and Proof. International Thomson Computer Press (1996)
Meisels, I., Saaltink, M.: The Z/EVES Reference Manual (for Version 1.5). Technical report, ORA Canada (1997)
Khan, K.: JBoss AOP: Framework for Organizing Cross Cutting Concerns (2006), http://jboss.org/jbossaop/
Loulou, M., Kacem, A.H., Jmaiel, M., Mosbah, M.: A Formal Security Framework for Mobile Agent Systems: Specification and Verification. In: Proceedings of the 3rd International Conference on Risks and Security of Internet and Systems, Tozeur, Tunisia, pp. 69–76. IEEE, Los Alamitos (2008)
Kallel, S., Charfi, A., Mezini, M., Jmaiel, M., Klose, K.: From Formal Access Control Policies to Runtime Enforcement Aspects. In: Massacci, F., Redwine Jr., S.T., Zannone, N. (eds.) ESSoS 2009. LNCS, vol. 5429, pp. 16–31. Springer, Heidelberg (2009)
Greenwood, P., Blair, L.: A framework for policy driven auto-adaptive systems using dynamic framed aspects. In: Rashid, A., Aksit, M. (eds.) Transactions on Aspect-Oriented Software Development II. LNCS, vol. 4242, pp. 30–65. Springer, Heidelberg (2006)
Aglets: Mobile Agent System: Aglets (1996), http://www.trl.ibm.com/aglets/
Dias, P., Ribeiro, C., Ferreira, P.: Enforcing history-based security policies in mobile agent systems. In: Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks, p. 231. IEEE Computer Society, Los Alamitos (2003)
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)
Montanari, R., Stefanelli, C., Dulay, N.: Flexible security policies for mobile agent systems. Microprocessors and Microsystems 25, 93–99 (2001)
McDonald, J.T., Yasinsac, A.: Application security models for mobile agent systems. Electronic Notes in Theoretical Computer Science 157, 43–59 (2006)
Ugurlu, S., Erdogan, N.: A flexible policy architecture for mobile agents. In: Wiedermann, J., Tel, G., Pokorný, J., Bieliková, M., Štuller, J. (eds.) SOFSEM 2006. LNCS, vol. 3831, pp. 538–547. Springer, Heidelberg (2006)
Hashii, B., Malabarba, S., Pandey, R., Bishop, M.: Supporting reconfigurable security policies for mobile programs. International Journal of Computer and Telecommunications Netowrking 33, 77–93 (2000)
Georg, G., Ray, I., France, R.: Using aspects to design a secure system. In: Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems, p. 117. IEEE Computer Society, Los Alamitos (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Aloulou, H., Loulou, M., Kallel, S., Hadj Kacem, A. (2010). RDyMASS: Reliable and Dynamic Enforcement of Security Policies for Mobile Agent Systems. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2009 2009. Lecture Notes in Computer Science, vol 5939. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11207-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-11207-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11206-5
Online ISBN: 978-3-642-11207-2
eBook Packages: Computer ScienceComputer Science (R0)