Compositional Evolution of Secure Services using Aspects
This blog entry is the first about “Compositional Evolution of Secure Services using Aspects” (CESSA). It’s an industrial research project financed by the French ANR in collaboration with Ecole des Mines de Nantes, Eurecom, SAP and IS2T. This entry introduces the project and the goals pursued.
Service-oriented architectures (SOAs) constitute a major architectural style for large-scale infrastructures and applications that are built from loosely-coupled well-separated services. SOAs today are the major structuring principle of a multitude of commercial infrastructures and applications that consist of service compositions, in particular service orchestrations and choreographies. They may span a number of different organizations, and involve powerful servers as well as resource-constrained devices (e.g., mobile devices).
Such applications are frequently subject to stringent security requirements, for example, in order to protect company-internal data, avoid breaches of the right to privacy of clients, and provide tracing information for auditing purposes to official institutions. Security properties generally pervade software systems; in technical terms, security properties crosscut service-based systems: security-relevant policies and implementations depend on (and affect) large parts of the underlying system.
Furthermore, service-based systems, notably enterprise information systems, are frequently subject to evolution while running, because they cannot be shut down even for short interruptions. Such evolutions may, in particular, cross different administrative domains (that belong, e.g., to different branches of a company that use different security policies) or cross different technological domains (that may support more or less general service models).
The CESSA industrial research project will provide solutions for the evolution of secure SOAs by providing an aspect-oriented structuring and programming model that allows security functionalities to be modularized, even if they cross administrative and technological domains. Overall CESSA aims at four contributions:
- The definition and implementation of a service model that enables modeling of service compositions within the administrative and technological domains of the CESSA partners, notably SAP’s large-scale service infrastructures and ERP applications, and IS2T’s infrastructures for resource-limited embedded devices.
- The definition and implementation of an aspect model that allows service-based systems to be evolved flexibly while, at the same time, guaranteeing correctness properties of evolutions.
- A security model for service-based systems, as well as corresponding analysis and enforcement mechanisms.
- Two applications of these models: an application to a service infrastructure for ERP systems from SAP and an integration with IS2T’s customized Java VMs for embedded devices.
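To make concrete what it means for a security property to crosscut services and for an aspect to modularize it, here is an added illustration that is not CESSA project code and not tied to any partner's infrastructure. It uses Python as a stand-in for the Java-based aspect model: two unrelated services contain no security code at all, and a single aspect (a pointcut selecting the protected operations plus an advice that performs a role check and writes an audit record) is woven into both. The service classes, the role-based policy and the caller identity are constructed sample data.

```python
"""Added illustration (not CESSA code): one security aspect, authorization plus
audit logging, woven into several otherwise security-free service classes.
Services, policy and principals below are constructed sample data."""
import functools
import inspect
from dataclasses import dataclass, field


@dataclass
class Caller:
    """Constructed identity of the principal invoking a service."""
    name: str
    roles: frozenset


class AccessDenied(Exception):
    pass


# --- Core concern: two unrelated services, neither contains security code ---
class OrderService:
    def place_order(self, caller, item, qty):
        return f"order:{item}x{qty}"

    def cancel_order(self, caller, order_id):
        return f"cancelled:{order_id}"

    def describe(self):  # not security-relevant; the pointcut must leave it alone
        return "orders"


class PayrollService:
    def pay_salary(self, caller, employee, amount):
        return f"paid:{employee}:{amount}"


# --- Crosscutting concern: pointcut + advice, defined in exactly one place ---
@dataclass
class SecurityAspect:
    # policy maps a join point "Class.method" to the role it requires (constructed)
    policy: dict
    audit_log: list = field(default_factory=list)

    def pointcut(self, cls, name, member):
        """Select plain methods named in the policy that are not yet advised."""
        return (inspect.isfunction(member)
                and not getattr(member, "_woven", False)
                and f"{cls.__name__}.{name}" in self.policy)

    def advice(self, joinpoint, fn):
        """Around-advice: deny and log, or log and proceed to the original method."""
        required = self.policy[joinpoint]

        @functools.wraps(fn)
        def wrapper(self_, caller, *args, **kwargs):
            if required not in caller.roles:
                self.audit_log.append(f"DENY {joinpoint} by {caller.name}")
                raise AccessDenied(joinpoint)
            result = fn(self_, caller, *args, **kwargs)
            self.audit_log.append(f"ALLOW {joinpoint} by {caller.name}")
            return result

        wrapper._woven = True  # makes weaving idempotent
        return wrapper

    def weave(self, *classes):
        """Simplified load-time weaving: replace every matching method in place."""
        woven = []
        for cls in classes:
            for name, member in list(vars(cls).items()):
                if self.pointcut(cls, name, member):
                    jp = f"{cls.__name__}.{name}"
                    setattr(cls, name, self.advice(jp, member))
                    woven.append(jp)
        return woven


def demo():
    """Weave one aspect into both services and exercise an allowed and a denied call."""
    aspect = SecurityAspect(policy={
        "OrderService.place_order": "clerk",
        "OrderService.cancel_order": "manager",
        "PayrollService.pay_salary": "hr",
    })
    woven = aspect.weave(OrderService, PayrollService)
    clerk = Caller("alice", frozenset({"clerk"}))
    orders, payroll = OrderService(), PayrollService()
    results = {
        "woven": woven,
        "placed": orders.place_order(clerk, "widget", 3),
        "describe": orders.describe(),  # unadvised, still works without a caller
        "payroll_denied": False,
    }
    try:
        payroll.pay_salary(clerk, "bob", 100)
    except AccessDenied:
        results["payroll_denied"] = True
    results["log"] = list(aspect.audit_log)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The point to notice is where the policy lives: changing who may cancel orders, or adding a new protected operation, is an edit to the aspect only, not to every service, which is the kind of evolution the project statement above describes. The same structure is what the correctness properties of evolutions in the second contribution have to guarantee, for instance that a newly deployed service version cannot silently escape the pointcut.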