CliSeAu is a tool for dynamic enforcement of system-wide security requirements in distributed Java programs. CliSeAu enables one to enforce security requirements in a decentralized yet coordinated fashion. CliSeAu implements the concept of Service Automata developed in the MAIS group. Details about CliSeAu can be found in the key publication about CliSeAu at ICISS 2014, "CliSeAu: Securing Distributed Java Programs by Cooperative Dynamic Enforcement".
CliSeAu combines two architectures. Firstly, there is the architecture of the tool itself. A coarse-grained illustration of this architecture is provided below. The architecture shows that CliSeAu expects as input the JAR files of the distributed target program (the bytecode of the agents) as well as an instantiation of the enforcement capsules (more below). The output of CliSeAu is an instrumented target program, in which each agent (i.e., each non-distributed component of the program) is encapsulated by an enforcement mechanism.
The second architecture behind CliSeAu is the runtime architecture of enforcement capsules. An enforcement capsule is a non-distributed component of a distributed enforcement mechanism generated by CliSeAu. Each such enforcement capsule is applied to an agent of the distributed target program.
More details about CliSeAu can be found in the paper linked above.
CliSeAu can be obtained by downloading CliSeAu-20141008.tar.gz (1.9MB). This download contains the following parts:
CliSeAu was developed and tested under Linux with Java 7 and AspectJ 1.7.4. Details about further libraries can be found in the README file contained in the root directory of the download.
Instructions for compiling CliSeAu from the source code and for running CliSeAu on the example instances can be found in the contained README file.