Security has become a paramount concern due to dramatic advances of network technologies and a wide variety of new business
opportunities. These advances have also brought the need for integration of computers systems to the surface, mainly for real-time,
information sharing. As these systems are network-based, COTS products are predominantly used in these types of integration
efforts. Since security is still a relatively new concern, it is often addressed as an afterthought in software development.
Unfortunately, to ensure a high degree of security, it is imperative to address the concerns in a principled manner. Software
architectures provide a unique opportunity to assess and structure the security as part of integration solution design. In
this paper, we describe an approach to constructing secure integration architectures—architectural solutions to component
interoperability that both satisfy known functional security policies and that specify the functionality of security mechanisms
used to fulfill them.
This material is based upon work supported in part by AFOSR (F49620-98-1-0217) and NSF (CCR-9988320). Any opinions, findings,
and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the
views of the National Science Foundation or the US government. The government has certain rights to this material.