Towards application driven security dashboards in future middleware

Abstract

Contemporary middleware must facilitate the customization of a built-in services framework, such that non-functional requirements emerging from the engineering process are met. This must be achieved by facilitating adaptation and selection of appropriate services without carrying the load, footprint, and overhead of a bloated system.

We illustrate the concept and approach with an example from the security engineering of a large-scale, internet-based application for online document processing. In addition, we sketch why such an approach can yield not only the desired variants of middleware security services, but also application-driven security dashboards, i.e. the tools to monitor and manage the actual security environment. The resulting research findings argue for a research agenda that revisits reflection and that enables model-driven software techniques to be used in the just-in-time generation of co-existing middleware variants.


Author information

Corresponding author

Correspondence to Bert Lagaisse.

About this article

Cite this article

Joosen, W., Lagaisse, B., Truyen, E. et al. Towards application driven security dashboards in future middleware. J Internet Serv Appl 3, 107–115 (2012). https://doi.org/10.1007/s13174-011-0047-6


Keywords

  • Middleware
  • Security
  • Adaptive middleware
  • Monitoring
  • Software-as-a-service