For participants:






For authors:

Call for papers

CfP in PDF

Submit a paper

Camera ready


Modern applications are increasingly built around middleware platforms supporting distributed programming paradigms. In this context, security is a major concern as new threats continuously emerge. The workshop is going to be an exciting venue where the security and middleware communities can have a common, interactive forum for discussing and exchanging their views on these challenging topics. Don't miss the opportunity to share your ideas with other top researchers and practitioners in the field.

We look forward to seeing you in Leuven!
Riccardo Scandariato and Giovanni Russello
Program Chairs


Emil Lupu, Department of Computing, Imperial College London
The Helix of Policy Evolution and Research Challenges for Policy-Based Middleware

Policy-based techniques have often been proposed to enable systems to adapt to changing contexts. By separating the policy from the system implementation the adaptation strategy can be dynamically changed whilst minimising disruption to the running system. Although significant research efforts have been devoted to policy-based systems, a number of research issues such as the use of obligations, policy analysis, conflict resolution, and policy deployment strategies periodically reemerge. Yet at the same time, new research issues and new application areas are appearing as policy-based techniques are increasingly adopted in autonomous pervasive systems. This talk attempts to discuss some of the recurrent issues in policy-based systems, solutions that have been proposed and challenges that will need to be addressed for these techniques to be viable in future environments.

Full papers (click on the titles to download the slides)

Richard Brinkman, Lukasz Chmielewski, Jaap-Henk Hoepman and Bert Bos
Using JASON to secure SOA

Nowadays business applications closely collaborate with other business applications by sharing one or more services. Unfortunately, opening your business application to the outside world also sacri?ces security. There is quite a number of standards that aims at protecting these services. However, most of these standards require special knowledge about security and are cumbersome to use. Our JASON1 framework aims at simplifying the task of securing services. A programmer simply annotates his code with appropriate keywords and our tools will generate the security related code. The programmer can simply concentrate on the business application, while the JASON framework does the necessary cryptography.

Thomas Quillinan, Martijn Warnier, Michel A. Oey, Reinier Timmer and Frances Brazier
Enforcing Security in the AgentScape Middleware

Multi Agent Systems (MAS) provide a useful paradigm for accessing distributed resources in an autonomic and self-directed manner. Resources, such as web services, are increasingly becoming available in large distributed environments. Currently, numerous multi agent systems are available. However, for the multi agent paradigm to become a genuine mainstream success certain key features need to be addressed: the foremost being security. While security has been a focus of the MAS community, configuring and managing such multi agent systems typically remains non-trivial. Well defined and easily configurable security policies address this issue. A security architecture that is both flexible and featureful is prerequisite for a MAS. A novel security policy management system for multi agent middleware systems is introduced. The system facilitates a set of good default con?gurations but also allows extensive scope for users to develop customised policies to suit their individual needs. An agent middleware, AgentScape, is used to illustrate the system.

Jatinder Singh, David Eyers and Jean Bacon
Controlling Historical Information Dissemination in Publish/Subscribe

Application environments dealing with sensitive information require mechanisms to define the circumstances for data disclosure. In event-based environments, access control typically concerns messages (events) as they occur. However, scenarios exist in which the retrieval of historical information is required. The publish/subscribe paradigm decouples producers from consumers, where information from numerous sources can satisfy an information request (subscription). These sources may be unknown to subscribers. This paper describes a unified approach for managing the disclosure of both historical and future events. We show, with the aid of healthcare scenarios, how context and access mechanisms can be used for fine-grained control over the circumstances for information disclosure.

Rudolf Schreiner and Ulrich Lang
Protection of Complex Distributed Systems

Today, the challenge in security of complex distributed systems does not anymore lie in encryption or access control of a single middleware platform, but in the protection of the system as a whole. This includes the definition of correct security policies at various abstraction layers, and also in the unified and correct management and enforcement of the correct security policy at all relevant places in the system. As the authors have learned in the development even of comparatively simple distributed systems, e.g. an Air Traffic Control simulation system, this is not possible anymore by a manual definition of encryption properties and access control rules. Human security administrators are not able to define all these fine grained rules with sufficient assurance, to distribute them to all Policy Enforcement Points and to check many log files or admin consoles. This is especially impossible in highly distributed and agile service oriented or data driven systems. In this paper, the authors describe an integrated approach to protect such complex and heterogeneous systems. It is based on Model Driven Security, to generate high assurance security policies, rules and configurations from the systems functional model and a high level security policy, and the OpenPMF Policy Management Framework to manage and correctly enforce the security policy in the system. As a proof of concept, the protection of a prototypical implementation of System Wide Information Management (SWIM) in Air Traffic Management is briefly described.

Tom Goovaerts, Bart De Win and Wouter Joosen
A Comparison of Two Approaches for Achieving Flexible and Adaptive Security Middleware

Open and dynamic business environments require flexible middleware that can be customized, reconfigured and adapted dynamically to face the changing environment and requirements. In this respect, the mechanism for composing middleware services with application code has an important impact on the kinds of adaptations that can be supported. This paper studies this problem in the context of security middleware. A bus-based architecture for integrating security middleware services is proposed and a qualitative comparison of the flexibility of the approach with an alternative AO-middleware-based approach is presented.

David Chadwick
Enforcing Sticky Security Policies Throughout a Distributed Application

Existing policy enforcement points (PEPs) typically call a local policy decision point (PDP) running at the local site, either embedded in the application, or running as a local stand alone service. In distributed applications, the PDPs at each site do not usually coordinate decision making amongst themselves, and do not pass policies between themselves. Thus it becomes very difficult to enforce sticky policies such as privacy policies and obligations at all the sites in a distributed application. This paper looks at different ways in which the PEPs and PDPs of a distributed application may share policies between themselves so as to enforce sticky policies throughout a distributed application. Three alternative models are described, the Application Protocol Enhancement Model, the Encapsulating Security Layer Model and the Back Channel Model. The strengths and weaknesses of the three models are evaluated, and we compare them to prior research in the field.

Short papers (click on the titles to download the slides)

Brian Shand and Jem Rashbass
Security for Middleware Extensions: Event Meta-Data for Enforcing Security Policy

As messaging middleware technology matures, users demand increasingly many features, leading to modular middleware architectures. However, extra complexity increases the risk of a security breach, arising from a vulnerability in one module or a misconfiguration of the module linkages. In this position paper, we present a framework for enforcing security policies between middleware modules, which simultaneously facilitates co-design of application and middleware security. For example, a healthcare application might require (1) all clinical data to be encrypted in transit, (2) a log of all messages sent and delivered (revealing no disclosive patient information), and (3) parameterised role based access control on message delivery. In our framework, we can satisfy all of these requirements, even when each feature is implemented as a separate extension module: extensions tag events with meta-data, and this meta-data guides the enforcement of the security policy. Exposing this meta-data to applications can help to unite application and middleware security policy.

Jinfu WANG and John Bigham
Anomaly Detection in the Case of Message Oriented Middleware
(not presented)
Message Oriented Middleware (MOM), provides reliable messaging service and transparent interoperation mechanism for different kinds of distributed web based applications. Different MOMs have also been providing basic security services such as authentication, access control, and communication encryption. These basic security services do not necessarily prevent compromised or malicious clients from delivering attack across MOM platforms. This paper presents our preliminary research on anomaly detection system to detect attacks that leverage on the messaging service provided by MOM, and other kinds of fault in a domain within MOM. This system detects anomalies in messages to a client's message queue using a number of different anomaly detection techniques. Through anomalies the system can detect potential attacks or other faults passing through a MOM domain. The system analyzes messages passing to each message queue and derives a client specific profile of normal messages with a range of different features. Utilizing client specific characteristics, the system efficiently provides protection for each client in a MOM domain. The learning approach anomaly detection techniques employed also ensure that the system can be easily adopted by different implementations of MOM systems.


16.05.08 - Call for papers is out
29.07.08 - Deadline is extended
09.08.08 - Submission is closed
21.09.08 - Registration is open
06.10.08 - Program is online
26.11.08 - Program is updated
03.12.08 - PDFs of talks are available