Regulating Distributed Systems of Software Components

Constantin Serban
Rutgers University


Abstract

Large scale distributed systems are increasingly built using a combination of reusable, legacy, and commercial-off-the-shelf software components that are developed and deployed separately, thus increasing the heterogeneity of the systems. Currently, there is no adequate mechanism for regulating the control of interaction among the components of such systems. This control is important from both the software engineering and the security perspectives. From the software engineering point of view, the control scheme defines the scope of the interaction in a manner similar to the scope rules provided by programming languages and enforces communication protocols between components. From the security point of view, this control is necessary for protecting the system from malicious components. In this talk, I will discuss a novel regulatory mechanism which can establish sophisticated access control policies over an entire distributed system, in an efficient and scalable manner. The concept of Law-Governed Interaction (LGI) has been previously proposed to regulate message-passing interaction between the components of a distributed system. This work unifies LGI-based control for remote method calls in distributed environments with control over interaction within the same address space. In the case of distributed communication, I designed and implemented Regulated Remote Method Invocation (RRMI), a protocol suite that enables fine-grained and stateful control of remote method calls according to global policies. In the case of local communication, I designed and implemented an Aspect Oriented Programming mechanism for enforcing global rules on the interaction between local components.