Adaptive security on service-based SCM control system

On a large-scale application subject to dynamic interactions, the description and enforcement of security rules are complex tasks to handle, as they involve heterogeneous entities that do not have the same capabilities. In the context of SCM-application for example, we have different goods that are being transported across different systems. At one point, items and systems communicate together to signal presence, report issues during transport, certify validity of previous checks, etc. Security capabilities of the involved parties are heterogeneous and one might want to specify security policies on an abstract level and let the involved systems enforce them according to their contexts and the specific capabilities of each party. In this paper, we propose a framework for security mechanisms adaptation when services are involved by using Aspect-Oriented-Programming (AOP) concepts that can be applied to SCM applications. The novelty is the expressivity of security policy at a global level and the enforcement at a local level, through a specific and distributed aspect model that has a larger semantic to catch up events relevant for business usage and dedicated to security concerns.