Integrating Security Policies via Container Portable Interceptors

1
Integrating Security Policies via Container
Portable Interceptors

• Na Xu
• Middleware Reading Group
• 8 May 2006

2
Introduction

• Discuss the paper published at RM05
• Integrating Security Policies via Container
  Portable Interceptors
• Security Architecture for GridKit

3
Motivation

• Develop middleware with less consideration of
  security policies
• Common solution directly implement security
  enforcement in the application source code
• Con.
• Require that the persons designing and
  implementing the application components are
  security specialists.
• The coupling of functional and non functional
  aspects hinders component reusability

4
Challenges

• Separate functional and non functional parts of
  an application
• Component-define business logic
• Separate security policy- enforced by runtime
  infrastructure of component
• Solution
• A generic framework to define and evaluate
  security policies
• Integrate the security framework into middleware
  platform

5
System Architecture

• Targeted middleware platform
• CORBA Component Model (CCM)
• Security Framework
• OpenPMF Policy Management Framework
• Others
• Container Portable Interceptor and QoS Enabler

6
CORBA Components

• Object Model of CCM

7
Container of CORBA Component
8
CORBA Security

• CORBA security service provide
• Security administration
• Authentication
• Security context establishment
• Access control
• Security audit
• Non-repudiation
• Fundamental shortcoming
• No precise and persistent names for object
  instances
• No support for the technology-neutral
  representation of security information

9
OpenPMF

• Properties
• A Policy Management Framework to define, manage
  and enforce security policies
• Technology-neutral, human-readable security
  policy is stored centrally, consistently and
  flexibly
• Technically
• Based on MDA approach
• Security policies are expressed in terms of
  attributes describing clients, initiators,
  targets, operations or other context information
• PDL Policy Definition Language
• Policy Repository MOF based
• PEP Policy Enforcement Points
• Architecture overview

10
(No Transcript)
11
Context Information

• Description of the context
• Functional target of call or operation invoked
• Non-functional clients credential
• Sources of context information
• Security mechanism
• Middleware platform
• Challenge
• Lack of standardization of its format and
  semantic
• Impossible to foresee all possibilities in policy
  evaluator
• Solution Transformer

12
Transformer

• Transformer an orthogonal approach for handling
  context information
• Provide a uniform interface to the underlying
  data source
• Translate security info from technology-specific
  to technology-independent
• Provide additional mappings identity-to-role or
  clustering into application domains
• Provide required comparison functionality

13
Policy Definition and Evaluation

• OpenPMF use meta-policy
• Use UML model to define meta-policy
• Use MOF standard to define the mapping of the
  model to IDL interface (e.g. from meta-policy to
  repository with CORBA IDL interface)
• Use PDL describe policy hierarchy and rule (i.e.
  meta-model)
• Policy Evaluator (called Adapter at runtime)
• Deal with policy enforcement
• Integrate into the middlewares call chain

14
Container Portable Interceptor

• Portable Interceptors (PI) in CORBA
• Component Portable Interceptors (COPI)
• Adapt PI into CCM
• Provide more flexibility than CORBA PI
• Architecture
• Basic part COPI interception points is called
  while ORB is dispatching a call
• Extended part COPI interception points is called
  while CCM container is dispatching a call
• Different flow-role between two parts
• Extended interceptor can modify the behavior of
  component by providing different behavior without
  changing component implementation

15
Interception Points
16
Basic and Extended Interceptors
17
QoS Enabler

• Implement the COPI interface and register the
  interface within the container
• A QoS Enabler is a specialized component that can
  be loaded into a specialized CCM component and is
  able to hook in additional functionality

18
QoS Enabler in extension container
19
Conclusions (about paper)

• An integrated security middleware based on CORBA
  Component model and OpenPMF policy management
  framework
• QoS Enabler is used to provide implementation of
  the Container Potable Interceptors and provide
  the hook required by security enforcement
• Security policies is based on model based
  software engineering process resulting in
  automated and assisted policy generation

20
Security Architect for Gridkit

• Integrate security by meta-model interface
• Properties
• Open and programmable
• dynamically configurable and reconfigurable
  (interaction styles and device platforms)
• Configuration rules
• Initial and attach interceptors
• Load security policies
• Security services
• Confidentiality/Authentication/Integrity/Non-repud
  iation

21
The future

• Abstract security policy definition
• Security policy management
• N.B. need more strong interceptor (selected,
  symmetric) flexible behavior interception

22
Questions?

• Questions?
• More resources
• www.objectsecurity.com