Managing Assurance, Security and Trust for sERvices (MASTER)

Motivation

It is our expectation that the business of the future will rely on highly dynamic IT systems that are partially outsourced and subject to increasing complexity, security and trust requirements, and regulations. Best-effort security will no longer be acceptable, and businesses will have to provide certified assurance to their customers. Conversely, businesses will demand assured services from their contractors and suppliers. MASTER aims to provide the tools, methodologies, and technologies needed to build such highly dynamic, outsourced, regulated, and verifiably compliant IT systems.

Scope & objectives

Launched in February 2008, MASTER is a 36-month, large-scale integrating project co-financed by the European Commission under the EU 7th Framework Program. The objective of MASTER is to provide the following capabilities in a verifiable and auditable manner:

  1. Formal definition of policies, goals, and quantifiable performance indicators for security, trust, and assurance;
  2. Mapping of those policies, goals, and indicators from the conceptual level across various intermediate abstraction levels down to the IT implementation level;
  3. Provision and configuration of the enforcement mechanisms required to ensure that the policies are implemented, goals are met, and indicators stay within their target range.

To achieve this objective, MASTER expects to develop:

  • Novel security, trust, and assurance models and languages;
  • Novel methodologies and tools for transforming between these models;
  • Novel enforcement mechanisms to implement these models.

MASTER will develop its concepts for systems that are built as service-oriented architectures (SOAs). This choice was made because SOA is increasingly becoming the predominant architectural software paradigm. Moreover, it provides a well-established standard for the interfaces and communication protocols that the MASTER middleware components need to communicate among themselves.

Approach

Following the SOA paradigm, the center of our study is the service. A service has an interface that defines its functionality, and an implementation that provides said functionality. MASTER extends the service interface by adding additional methods that make it possible to specify and query security, trust, and assurance policies, goals, and indicators.

Using this new MASTER interface MI, we can then send a MASTER security policy P to a service S with the request to implement this policy. Moreover, we can check compliance with policy P by querying suitable security and assurance indicators I from the MASTER interface of service S. To help service S implement the security policy P, MASTER assumes that S itself is implemented by means of a SOA. MASTER will then provide the tools and methodologies needed to recursively decompose policy P into more granular policies that can be passed to the sub-services S1 to Sn that S is composed of. This decomposition is such that S fulfills P if all the sub-services fulfill their more granular policies. The figure below illustrates this recursive refinement and implementation of policies.

Figure: MASTER architecture
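As an added illustration of the recursive refinement described above (example code written for this page, not code from the MASTER project), the following Python model gives each service a small MASTER-style interface, pushes a policy P into a composite service S, refines it into granular policies for the sub-services, and then queries the indicators back out to check compliance. The method names (set_policy, query_indicator, is_compliant), the even budget-splitting refinement rule, the indicator name, and the leaf readings are all assumptions made for illustration. The example goes one step beyond the text by also showing that the guarantee runs in one direction only: all sub-services compliant implies S compliant, but S can fulfill P while one sub-service has already exceeded its share.

```python
# Added example, not code from the MASTER project: a toy model of the
# MASTER-style service interface and the recursive refinement of a policy P
# into more granular policies for sub-services S1..Sn. The method names
# (set_policy, query_indicator, is_compliant) and the budget-splitting
# refinement rule are assumptions made for illustration only.
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Policy:
    """A quantified policy: the named indicator must stay at or below max_value."""
    name: str
    indicator: str
    max_value: float


@dataclass
class Service:
    name: str
    sub_services: List["Service"] = field(default_factory=list)
    # Constructed local measurements for a leaf service, e.g. events per hour.
    local_indicators: Dict[str, float] = field(default_factory=dict)
    policy: Optional[Policy] = None

    # MASTER-style interface MI (hypothetical method names)
    def set_policy(self, policy: Policy) -> None:
        """Accept P; a composite service refines it into sub-policies."""
        self.policy = policy
        if self.sub_services:
            # Refinement rule (assumption): split the allowed budget evenly.
            # The sub-budgets sum to max_value, so for an additive indicator
            # "all sub-services compliant" implies "S compliant".
            share = policy.max_value / len(self.sub_services)
            for sub in self.sub_services:
                sub.set_policy(Policy(f"{policy.name}/{sub.name}", policy.indicator, share))

    def query_indicator(self, indicator: str) -> float:
        """A leaf reports its measurement; a composite sums its sub-services."""
        if not self.sub_services:
            return self.local_indicators.get(indicator, 0.0)
        return sum(sub.query_indicator(indicator) for sub in self.sub_services)

    def is_compliant(self) -> bool:
        """Compliance of this service with its own policy."""
        if self.policy is None:
            raise ValueError(f"{self.name}: no policy set")
        return self.query_indicator(self.policy.indicator) <= self.policy.max_value

    def sub_tree_compliant(self) -> bool:
        """True when every sub-service, recursively, meets its granular policy."""
        return all(sub.is_compliant() and sub.sub_tree_compliant()
                   for sub in self.sub_services)


def build_service(readings: Dict[str, float]) -> Service:
    """S is composed of A and B; A is itself composed of A1 and A2.
    `readings` gives constructed leaf measurements of one indicator."""
    ind = "failed_authz_per_hour"

    def leaf(n: str) -> Service:
        return Service(n, local_indicators={ind: readings.get(n, 0.0)})

    a = Service("A", sub_services=[leaf("A1"), leaf("A2")])
    return Service("S", sub_services=[a, leaf("B")])


def run_scenario(readings: Dict[str, float]) -> Dict[str, object]:
    """Push policy P into S, then query the indicators back out."""
    s = build_service(readings)
    p = Policy("P", "failed_authz_per_hour", max_value=12.0)
    s.set_policy(p)  # A and B each get a budget of 6; A1 and A2 get 3
    return {
        "total": s.query_indicator(p.indicator),
        "service_compliant": s.is_compliant(),
        "subservices_compliant": s.sub_tree_compliant(),
    }


if __name__ == "__main__":
    # All granular policies met => S meets P (the refinement guarantee).
    print(run_scenario({"A1": 2, "A2": 2, "B": 5}))
    # S meets P although A1 exceeds its share: the converse does not hold,
    # so a sub-service violation is an early warning, not proof that S failed P.
    print(run_scenario({"A1": 5, "A2": 0, "B": 1}))
    # Enough sub-service violations and S itself fails P.
    print(run_scenario({"A1": 5, "A2": 5, "B": 5}))
```

The even split is only one admissible refinement; any rule whose sub-budgets sum to at most the parent's budget keeps the soundness property for an additive indicator. Non-additive indicators (a maximum latency, a minimum key length) need a different aggregation in query_indicator and a matching refinement rule, which is exactly the mapping between abstraction levels that the project's objectives describe.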

Related publications

  1. D. Basin, S.J. Burri and G. Karjoth, Dynamic Enforcement of Abstract Separation of Duty Constraints. To appear in: 14th European Symposium on Research in Computer Security (ESORICS), Saint-Malo, France, September 21-25, 2009.
  2. C. Giblin and S. Hada, Towards Separation of Duties for Services, 6th Int. Workshop on SOA & Web Services Best Practices Committee, OOPSLA, October 19, 2008, Nashville.
  3. K. Julisch, Security Compliance: The Next Frontier in Security Research. In NSPW '08: Proceedings of the New Security Paradigms Workshop 2008, Plumpjack Squaw Valley Inn, Lake Tahoe, California, USA, September 22-25, 2008. ACM, 2008.