Coordinating Distributed Security Enforcement


Dynamically enforcing security requirements in distributed programs in general
cannot be performed soundly by isolated mechanisms at the program's distributed
components. The challenge is therefore to coordinate the enforcement of
distributed mechanisms in a way that enables sound decision-making, even in the
case of concurrent distributed occurrences of events.

We present CliSeAu, a tool for distributed security enforcement that implements
the concept and formal model of Service Automata. CliSeAu allows one to
coordinate distributed enforcement by delegating the decision-making among the
distributed mechanisms. The concrete delegation strategy can be chosen when
using CliSeAu. We focus on a form of delegation that is based on partitioning
security-relevant events into classes of responsibilities. We illustrate this
approach at the example of enforcing a Chinese Wall requirement in a distributed
storage service. For this scenario, we could show sound enforcement using the
formal model of Service Automate.