Role-based security for configurable distributed control systems

Although the Common Object Request Broker Architecture (CORBA) simplifies the implementation of complex, distributed systems significantly, the support of techniques for reliable, fault-tolerant, and secure software is very limited. Extensions, such as the CORBAsec specification provide only a limited choice of coarse-grained mechanisms to specify access rights for components. Any fault-tolerance or security extension for CORBA components needs to trade off data abstraction and encapsulation against implementation specific knowledge about a component´s internal behavior, resource usage, interaction and access patterns. These non-functional aspects of a component are crucial for the predictable behavior of security and fault-tolerance mechanisms. However, in contrast to CORBA´s interface definition language (IDL), which describes a component´s functional interface, there is no general means to describe a component´s nonfunctional properties, such as security settings or fault-tolerance. The authors present an approach to role based security for CORBA. Following the idea of aspect oriented programming, we have developed a description language for security settings. The description language uses the eXtended Markup Language (XML) as an underlying representation and allows specification of access rights independently from an object´s implementation. A role-editor tool allows for configuration of a component´s security settings without affecting the component´s source code. Security settings are enforced by our enhanced version of the ORBacus CORBA implementation