Modern distributed systems are often composed of multiple individually developed and maintained services, each with its own security requirements. In many cases, the system as a whole has different security requirements than its component services. This difference gives rise to many interesting security issues. For example, what security measures need to be taken at the point of service interaction to ensure that all security requirements are fulfilled? How are unanticipated service interactions (e.g., low-level resource sharing between multiple services on one machine) handled in a security context? Can these issues be identified and resolved pre-deployment, or must they be handled at runtime (especially in the case of unanticipated interactions)?
I will attempt to answer these questions by investigating security vulnerabilities caused by service interactions in existing component-based distributed systems. Considering the growing trend towards outsourcing servers and other IT infrastructure to large data centers, it is increasingly common to find multiple services running concurrently on the same machine, perhaps servicing many different applications. This may lead to unexpected resource sharing and conflicts that cause one application to inadvertently affect the availability of another. I will look at how underlying service interactions affect the security of such applications and how these security issues can be resolved, and finally use this information to develop a way to detect, diagnose and address emergent security issues in distributed applications before they lead to system-wide outages or compromise.