Intrusion detection aware component-based systems: A specification-based framework
Journal of Systems and Software
Managing Trustworthiness in Component-based Embedded Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Host-Based Security Challenges and Controls: A Survey of Contemporary Research
Information Security Journal: A Global Perspective
Trust-based protection of software component users and designers
iTrust'03 Proceedings of the 1st international conference on Trust management
iTrust'05 Proceedings of the Third international conference on Trust Management
Hi-index | 0.00 |
Abstract: Software component technology on the one hand supports the cost-effective development of specialized applications. On the other hand, however, it introduces special security problems. Some major problems can be solved by the automated run-time enforcement of security policies. Each component is controlled by a wrapper which monitors the component's behavior and checks its compliance with the security behavior constraints of the component's employment contract. Since control functions and wrappers can cause substantial overhead, we introduce trust-adapted control functions where the intensity of monitoring and behavior checks depends on the level of trust, the component, its hosting environment, and its vendor have currently in the eyes of the application administration. We report on wrappers and a trust information service, shortly outline the embedding security model and architecture, and describe a Java Bean based experimental implementation.