A Framework for High Assurance Security of Distributed Objects

High assurance security is di cult to achieve in distributed computer systems and databases because of their complexity, non-determinism and inherent heterogeneity. The practical application of formal methods is the key to high assurance security in open, distributed environments. This paper proposes the use of formal methods and a special layered architecture to achieve secure interoperation of heterogeneous distributed objects. The foundation is provided by ROC, a process calculus tailored for concurrent objects. Lying above ROC in the layered architecture is a meta-object model for creating object models with various programming constructs, mega-programming facilities and security mechanisms. Successive layers of the architecture represent more sophisticated toolkits for modeling distributed objects. Since each layer inherits ROC's formal foundation, it automatically has an unambiguous semantics and supports veri cation.