A Domain Specific Language for Securing Distributed Systems

Author

Hamdi, Hédi ; Mosbah, Mohamed ; Bouhoula, Adel

Author_Institution

Univ. de Bordeaux, Talence

fYear

2007

fDate

25-31 Aug. 2007

Firstpage

76

Lastpage

76

Abstract

Distributed applications are becoming increasingly common. However, incorporating security in them remains a major challenge. There are currently few choices to express and enforce security in distributed systems. We can either use a special-purpose language which may be too limited to express security requirements, or use a general purpose language that provides the ability to make complicated security policy but makes us reimplement infrastructure code for authorization, interdiction, obligation and so on with each new security policy. In this paper, we introduce a domain-specific language approach that takes the middle road, giving a way to reuse security infrastructure for new policies while also allowing the expression of complicated security policy easily. We present our DSL approach and and apply it to a real-world scenario: specification and implementation of security policy.

Keywords

distributed processing; programming languages; security of data; DSL approach; distributed system security; domain-specific language approach; general purpose language; infrastructure code; security policy; special-purpose language; Access control; Authorization; Communication system security; Context-aware services; DSL; Data security; Domain specific languages; National security; Quality of service; Roads;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems and Networks Communications, 2007. ICSNC 2007. Second International Conference on

Conference_Location

Cap Esterel

Print_ISBN

0-7695-2938-0

Electronic_ISBN

978-0-7695-2938-7

Type

conf

DOI

10.1109/ICSNC.2007.2

Filename

4300048