Role-based security for configurable distributed control systems

Abstract

Although the Common Object Request Broker Architecture (CORBA) simplifies the implementation of complex, distributed systems significantly, the support of techniques for reliable, fault-tolerant, and secure software is very limited. Extensions, such as the CORBAsec specification provide only a limited choice of coarse-grained mechanisms to specify access rights for components. Any fault-tolerance or security extension for CORBA components needs to trade off data abstraction and encapsulation against implementation specific knowledge about a component's internal behavior, resource usage, interaction and access patterns. These non-functional aspects of a component are crucial for the predictable behavior of security and fault-tolerance mechanisms. However, in contrast to CORBA's interface definition language (IDL), which describes a component's functional interface, there is no general means to describe a component's nonfunctional properties, such as security settings or fault-tolerance. The authors present an approach to role based security for CORBA. Following the idea of aspect oriented programming, we have developed a description language for security settings. The description language uses the eXtended Markup Language (XML) as an underlying representation and allows specification of access rights independently from an object's implementation. A role-editor tool allows for configuration of a component's security settings without affecting the component's source code. Security settings are enforced by our enhanced version of the ORBacus CORBA implementation.