Runtime Enforcement of Dynamic Security Policies

Description

The security policies of an application can change at runtime due to several reasons, as for example the changes on the user preferences, the lack of enough resources in mobile environments or the negotiation of security levels between the interacting parties. As these security policies change, the application code that copes with the security functionalities should be adapted in order to enforce at runtime the changing security policies. In this paper we present the design, implementation and evaluation of a runtime security adaptation service. This service is based on the combination of autonomic computing and aspect-oriented programming, where the security functionalities are implemented as aspects that are dynamically configured, deployed or un-deployed by generating and executing a security adaptation plan. This service is part of the INTERTRUST framework, a complete solution for the definition, negotiation and run-time enforcement of security policies.

Abstract

European Union INTER-TRUST FP7- 317731

Abstract

Ministerio de Economía y Competitividad TIN2012-34840

Abstract

Junta de Andalucía FamiWare P09-TIC-5231

Abstract

Junta de Andalucía MAGIC P12-TIC1814

Additional details