OpenPMF: Using Open Source for Security Policy Integration and Intrusion Detection in Heterogeneous Distributed IT Systems

Most organisations today need to maintain and periodically migrate a heterogeneous distributed IT infrastructure to more modern platforms. This is typically a time-consuming, expensive, and error-prone process. The same problem also applies to IT security – security technologies and policy management consoles are changed periodically. We use software modelling concepts to ease the maintenance and migration efforts of distributed systems infrastructure and in particular distributed systems security (e.g. for CORBA, CORBA Components, EJB, Web Services, .NET). The use of Open Source software can simplify this task further because infrastructure technologies can be flexibly adapted and integrated with existing technologies. In this paper, we will discuss the challenges and benefits of using software modelling and open source software help make distributed applications and their complex security policies weather modifications in the underlying infrastructure technologies. We also present OpenPMF, our innovative Open Source security framework and implementation which enables centralised, technology-independent security policy management and intrusion detection for distributed heterogeneous systems. The paper argues that the concepts of modeldriven software development can be successfully applied to security, and that this approach yields a number of benefits. Moreover, we claim that Open Source software can support this process because customization and integration problems are mitigated when the source code is available.