Secure Encapsulation of Insecure Middleware

摘要

Unceasingly developed and deeply exploited along with the software system, the variety of middlewares becomes more and more, they mutually affect each other in the complex way. These middlewares, because of the complex of the origin, are not extremely credible. So, before using these middlewares, we must understand the security features of them, for instance, the secret data cannot be leaked in the network. But, it is very difficult to confirm whether these middlewares have good security feature. The paper designs the encapsulations, which let these middlewares run under secure environment, and it provides the control of good granularity among the middlewares, the middleware and other system resources. The main part of this paper is to research the expression methods of the encapsulations, and we state and verify the security through these methods. This paper uses box- π calculus to describe several kinds of encapsulations, and discuss the security that each encapsulation could guarantee.