Group communication is increasingly used as a low cost building block for the development of highly available and survivable services in dynamic environments. However, contemporary frameworks often provide limited facilities for the definition and enforcement of precise security policies. This paper presents the Antigone 2.0 framework that allows the flexible specification and enforcement of group security policies. Enforcement is achieved through the policy directed composition and configuration of sets of basic security services implementing the group. We summarize the design of the Antigone 2.0 architecture, its use, and the Application Programming Interface (API). The use of the API is illustrated through two applications built on Antigone; a reliable multicast system and host level multicast security service. We conclude with a description of current status and plans for future work. 1

Security policy management for a dynamic coalition with multiple members, each with its own policy requirements and mechanisms, and with limited mutual trust, is a complex task. In this paper, we present the architecture of MSME, a system that addresses this problem by providing mechanisms to express security requirements for large groups abstractly; exchange and reconcile these communication requirements among members of a group; and automatically bind these abstract requirements to mechanisms that can enforce them at different levels of the TCP/IP stack. 1.