The Role of Reflective Middleware in Supporting Flexible Security Policies
Next generation middleware must support applications in the face of increasing diversity in interaction paradigms, end system types and network styles. Therefore, to secure applications, flexible security policies must be configured and indeed reconfigured at run-time. In this paper, the authors propose an approach combining the openness of reflective middleware with the flexibility of programmable security to meet such demands. In particular, they build a security architecture based on the Gridkit reflective middleware platform and the Obol security protocol programming language. The paper then describes a case study that uses flexible policies in order to secure remote procedure calls and secure group communication. They also evaluate this approach in terms of its security properties, flexibility, ease of use and extensibility.