Gay, Richard (2017)
A Generic Framework for Enforcing Security in Distributed Systems.
Technische Universität Darmstadt
Ph.D. Thesis, Primary publication
|
Text
20171128-Dissertation-ULB-RichardGay.pdf - Accepted Version Copyright Information: CC BY-NC-ND 4.0 International - Creative Commons, Attribution NonCommercial, NoDerivs. Download (1MB) | Preview |
Item Type: | Ph.D. Thesis | ||||
---|---|---|---|---|---|
Type of entry: | Primary publication | ||||
Title: | A Generic Framework for Enforcing Security in Distributed Systems | ||||
Language: | English | ||||
Referees: | Mantel, Prof. Dr. Heiko ; Probst, Prof. Dr. Christian W. | ||||
Date: | 2017 | ||||
Place of Publication: | Darmstadt | ||||
Date of oral examination: | 27 October 2017 | ||||
Abstract: | A large extent of today's computer programs is distributed. For instance, services for backups, file storage, and cooperative work are now typically managed by distributed programs. The last two decades also brought a variety of services establishing social networks, from exchanging short messages to sharing personal information to dating. In each of the services, distributed programs process and store sensitive information about their users or the corporations their users work for. Secure processing of the sensitive information is essential for service providers. For instance, businesses are bound by law to take security measures against conflicts of interest. Beyond legal regulations, service providers are also pressed by users to satisfy their demands for security, such as the privacy of their profiles and messages in online social networks. In both instances, the prospect of security violations by a service provider constitutes a serious disadvantage and deters potential users from using the service. The focus of this thesis is on enabling service providers to secure their distributed programs by means of run-time enforcement mechanisms. Run-time enforcement mechanisms enforce security in a given program by monitoring, at run-time, the behavior of the program and by intervening when security violations are about to occur. Enforcing security in a distributed program includes securing the behavior of the individual agents of the distributed program as well as securing the joint behavior of all the agents. We present a framework for enforcing security in distributed programs. The framework combines tools and techniques for the specification, enforcement, and verification of security policies for distributed programs. For the specification of security policies, the framework provides the policy language CoDSPL. For generating run-time enforcement mechanisms from given security policies and applying these mechanisms to given distributed programs, the framework includes the tool CliSeAu. For the verification of generated enforcement mechanisms, the framework provides a formal model in the process algebra CSP. All three, the policy language, the tool, and the formal model allow for the distributed units of enforcement mechanisms to cooperate with each other. For supporting the specification of cooperating units, the framework provides two techniques as extensions of CoDSPL: a technique for specifying cooperation in a modular fashion and a technique for effectively cooperating in presence of race conditions. Finally, with the cross-lining technique of the framework, we devise a general approach for instrumenting distributed programs to apply an enforcement mechanism whose units can cooperate. The particular novelty of the presented framework is that the cooperation to be performed can be specified by the security policies and can take place even when the agents of the distributed program do not interact. This distinguishing feature of the framework enables one to specify and enforce security policies that employ a form of cooperation that suits the application scenario: Cooperation can be used when one's security requirements cannot be enforced in a fully decentralized fashion; but the overhead of cooperation can be avoided when no cooperation is needed. The case studies described in this thesis provide evidence that our framework is suited for enforcing custom security requirements in services based on third-party programs. In the case studies, we use the framework for developing two run-time enforcement mechanisms: one for enforcing a policy against conflicts of interest in a storage service and one for enforcing users' privacy policies in online social networks with respect to the sharing and re-sharing of messages. In both case studies, we experimentally verify the enforcement mechanisms to be effective and efficient, with an overhead in the range of milliseconds. |
||||
Alternative Abstract: |
|
||||
URN: | urn:nbn:de:tuda-tuprints-69871 | ||||
Classification DDC: | 000 Generalities, computers, information > 004 Computer science | ||||
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Modeling and Analysis of Information Systems (MAIS) |
||||
Date Deposited: | 08 Dec 2017 08:37 | ||||
Last Modified: | 09 Jul 2020 01:55 | ||||
URI: | https://tuprints.ulb.tu-darmstadt.de/id/eprint/6987 | ||||
PPN: | 42370897X | ||||
Export: |
View Item |