Enhancing Security in Enterprise Distributed Real-time and Embedded Systems using Domain-specific Modeling

Akshay Dabholkar, Joe Hoffert, Aniruddha Gokhale, and Doug Schmidt
March 20, 2007

[Figure: examples of ULS systems – National/International Power Grid, Constellations of Satellites, Homeland Defense, Air Traffic Management]

Motivating Example: Ultra-Large Scale (ULS) Systems
• ULS systems require:
  • Security – the capability of the system to provide confidentiality, integrity, and availability for the ULS system's data and services, both locally and globally
  • Trust – the extent to which users of the ULS system can rely on its data and services
  • Resiliency – the capability of the ULS system to maintain an acceptable level of service while under stress from adverse environmental conditions such as attacks or cascading failures
• Challenges for EDRE middleware:
  • End-to-end Security – security must be incorporated into all aspects and layers of the application
  • Correctness – the design of the application must be ensured when deployed
  • Redundancy – backups of critical pieces of the application must be configured properly and take over when needed

Addressing Security via the Security Quality of Service (QoS) Modeling Language (SQML)

[Figure: SQML model elements – Interface Security QoS, Component Security QoS, Domain-Specific Security Policy; a component "Conforms to Policy"]

• Modeling CCM role-based access control (RBAC) rules and rights at design time
  • Eliminates tedious and error-prone role-based checking at run-time
  • Allows definition of platform-specific rights families, like a PIM
• Allowing multilevel Security QoS provisioning through a configurable security policy framework
  • Eliminates time-consuming and inefficient run-time checks for consistency, conflicts, and redundancy
  • Tailored to meet domain- and application-specific QoS requirements
• Providing fine-grained as well as coarse-grained access control and security guarantees
  • Facilitates flexibility as well as customization
• Defining annotations for configuring security in component middleware
  • Allows middleware configurations specific to the needs of different parts of a system
  • Enables secure application deployment through middleware configuration
• Provisioning for defining Workflow/Business Process/Critical Path security

Addressing Trust & Resiliency via the DDS Quality of Service (QoS) Modeling Language (DQML)

[Figure: DQML model of DDS QoS policies – Durability (Volatile, Transient), Deadline (10ms, 15ms, 20ms), Time-based filter (5ms), Liveliness (Automatic, Manual By Topic), Reliability (Reliable)]

• Enhances trust by supporting correct-by-construction QoS configurations at design time
  • Eliminates complex, tedious, and error-prone QoS compatibility and consistency checking at run-time or compile-time
  • Provides separation of concerns to better facilitate configuration analysis
  • Generates application artifacts (e.g., configuration files)
• Supports resiliency research by providing a base for higher-level DDS resiliency services
  • Model redundant replicas with desired properties in DQML
  • Basis for a DDS fault-tolerant service

[Figure: Power Grid ULS System – Power Substations 1–3 and a Nuclear Reactor publish Power Substation Status and Nuclear Reactor Status to the Power Grid Control Room and Nuclear Reactor Control Room; data flows as intended via correct-by-construction QoS configurations]

Ongoing Research
• Creation of higher-level DDS services built on the DQML work
  • Discovery and documentation of DDS patterns
  • Creation of a DDS fault-tolerance service (e.g., using ownership/ownership strength, durability policies, multiple readers and writers, hot-swap and failover DDS pattern)
  • Creation of a DDS real-time data service (e.g., using deadline, transport priority, latency budget policies, continuous data pattern)
• Generation of a security mapping and a security platform-independent model (PIM)
  • Map SQML's RBAC onto the DDS security service
  • Develop the security PIM with the SQML and DQML security services as input

[Figure: Security PIM – SQML input to security PIM, DQML input to security PIM, map SQML security onto DQML]
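The design-time QoS compatibility and consistency checking that DQML moves out of run-time can be made concrete. The following is an added example, not code from the poster or from DQML: a small Python checker that applies the DDS requested/offered (RxO) rules to the policies shown in the figure (deadline, durability, liveliness, reliability, time-based filter); the writer/reader values are constructed from the figure's labels, and the `QoS` dataclass and function names are this example's own.

```python
from dataclasses import dataclass

# Ordered "kind" policies: a writer offering a higher rank satisfies any lower request.
RELIABILITY = {"BEST_EFFORT": 0, "RELIABLE": 1}
DURABILITY = {"VOLATILE": 0, "TRANSIENT_LOCAL": 1, "TRANSIENT": 2, "PERSISTENT": 3}
LIVELINESS = {"AUTOMATIC": 0, "MANUAL_BY_PARTICIPANT": 1, "MANUAL_BY_TOPIC": 2}

@dataclass
class QoS:
    reliability: str
    durability: str
    liveliness: str
    lease_ms: float             # LIVELINESS lease_duration
    deadline_ms: float          # DEADLINE period
    time_based_ms: float = 0.0  # TIME_BASED_FILTER minimum_separation (reader only; 0 = none)

def check_compatibility(offered, requested):
    """RxO check between a DataWriter's offered QoS and a DataReader's requested QoS.
    Returns the list of mismatches; an empty list means the endpoints will match."""
    problems = []
    if RELIABILITY[offered.reliability] < RELIABILITY[requested.reliability]:
        problems.append("reliability: offered %s < requested %s" % (offered.reliability, requested.reliability))
    if DURABILITY[offered.durability] < DURABILITY[requested.durability]:
        problems.append("durability: offered %s < requested %s" % (offered.durability, requested.durability))
    if LIVELINESS[offered.liveliness] < LIVELINESS[requested.liveliness]:
        problems.append("liveliness kind: offered %s < requested %s" % (offered.liveliness, requested.liveliness))
    if offered.lease_ms > requested.lease_ms:
        problems.append("liveliness lease: offered %gms > requested %gms" % (offered.lease_ms, requested.lease_ms))
    # The writer must promise updates at least as often as the reader expects them.
    if offered.deadline_ms > requested.deadline_ms:
        problems.append("deadline: offered %gms > requested %gms" % (offered.deadline_ms, requested.deadline_ms))
    return problems

def check_consistency(reader):
    """Single-entity rule: a reader's TIME_BASED_FILTER minimum_separation must not exceed
    its DEADLINE period, otherwise the filter guarantees the deadline is missed."""
    if reader.time_based_ms > reader.deadline_ms:
        return ["time_based_filter %gms > deadline %gms" % (reader.time_based_ms, reader.deadline_ms)]
    return []

# Constructed sample endpoints using the policy values that appear in the poster's DQML figure.
WRITER = QoS("RELIABLE", "TRANSIENT", "AUTOMATIC", lease_ms=15, deadline_ms=10)
GOOD_READER = QoS("RELIABLE", "VOLATILE", "AUTOMATIC", lease_ms=20, deadline_ms=20, time_based_ms=5)
BAD_READER = QoS("RELIABLE", "TRANSIENT", "MANUAL_BY_TOPIC", lease_ms=10, deadline_ms=10, time_based_ms=15)

if __name__ == "__main__":
    for name, reader in (("good", GOOD_READER), ("bad", BAD_READER)):
        print(name, check_compatibility(WRITER, reader) + check_consistency(reader))
```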