State-of-the-art security mechanisms are often enforced in isolation from each other, which limits the kinds of policies that can be enforced in distributed and heterogeneous settings. More specifically, it is hard to enforce application-level policies that affect, or use information from multiple distributed components. This paper proposes the concept of a Security Service Bus (SSB), which is a dedicated communication channel between the applications and the different security mechanisms. The SSB treats the security mechanisms as reusable, stand-alone security services that can be bound to the applications and it allows the enforcement of advanced policies by providing uniform access to application-level information. This leads to a security infrastructure that is more flexible and more manageable and that can enforce more expressive policies. © 2008 Elsevier B.V. All rights reserved.
Goovaerts, T., De Win, B., & Joosen, W. (2008). Infrastructural Support for Enforcing and Managing Distributed Application-Level Policies. Electronic Notes in Theoretical Computer Science, 197(1), 31–43. https://doi.org/10.1016/j.entcs.2007.10.012