Paper 1621
Multi-Level Security for Service-Oriented Architectures
HariGovind Ramasamy, IBM Zurich Research Laboratory
Matthias Schunter, IBM Zurich Research Laboratory
Multi-level security (MLS) is a well-established and thoroughly studied approach to security. Service-oriented architectures (SOA) are emerging in the commercial world and promise increased flexibility and better interoperability. While both concepts have substantial merit, there is no well-established approach for combining them. In this paper, we describe how to provide multi-level security in a service-oriented architecture. First, we propose a conceptual design for multi-level security in a service-oriented architecture. We then describe how this model can be realized in today's defense networks, which are structured into mutually isolated network zones with different confidentiality classifications.

Dr. Matthias Schunter, IBM Research, Zurich Research Laboratory, Säumerstr. 4, 8803 Rüschlikon, Switzerland, e-mail: mts@zurich.ibm.com

Dr. Schunter is leading the trusted computing research at the IBM Zurich Research Laboratory. He contributes to IBM’s efforts in the Trusted Computing Group and has led an IBM Academy study on integrity-based computing. His research interests include formal modeling in privacy and the design of protocols providing multi-party security. He received a diploma in Computer Science at the University of Hildesheim and holds a PhD (Dr.-Ing.) in Computer Science from Saarbrücken University. Since April 2001, he has been a member of the research group “Network Security and Cryptography” at the IBM Zurich Research Laboratory. This group is a leading contributor to the Privacy Research Institute of IBM. Between 1994 and 2001, he was a researcher in Computer Science at the Universities of Hildesheim, Dortmund, and Saarbrücken. He participated in the projects CAFÉ, on off-line electronic payments, and SEMPER, aimed at an open integrated solution for global electronic commerce. At Saarbrücken, he was group leader of the MAFTIA project, which combines fault-tolerance and cryptography. All three projects were supported by the European Union. Dr. Schunter is author or co-author of more than thirty technical papers on security and privacy.