An approach for deploying and monitoring dynamic security policies

Security policies are enforced through the deployment of certain security functionalities within the applications. When the security policies dynamically change, the associated security functionalities currently deployed within the applications must be adapted at runtime in order to enforce the new security policies. INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of interoperable security policies, in the context of pervasive systems where devices are constantly exchanging critical information through the network. The dynamic adaptation of the security policies at runtime is addressed using Aspect-Oriented Programming (AOP) that allows enforcing security requirements by dynamically weaving security aspects into the applications. However, a mechanism to guarantee the correct adaptation of the functionality that enforces the changing security policies is needed. In this paper, we present an approach based on the combination of monitoring and detection techniques in order to maintain the correlation between the security policies and the associated functionality deployed using AOP, allowing the INTER-TRUST framework to automatically react when needed.