Security Variability Design and Analysis in an Aspect Oriented Software Architecture

2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2009-07-08 DOI:10.1109/SSIRI.2009.47

Lirong Dai

{"title":"Security Variability Design and Analysis in an Aspect Oriented Software Architecture","authors":"Lirong Dai","doi":"10.1109/SSIRI.2009.47","DOIUrl":null,"url":null,"abstract":"Developing secure systems at software architecture stage presents additional challenges: a system may demand multiple security capabilities and each security capability can be realized by many security solutions. Effective techniques are needed to assist software architects in modeling and evaluating security capabilities. The benefits of such techniques include enabling software architects to create an optimized security architecture design. This paper presents a modeling approach to support security variability design and analysis. In the approach, security capabilities are modeled as aspects and alternative security solutions are reflected. This allows to effectively perform interaction analysis among security solutions, e.g., determining supporting or conflicting solutions etc. A Health Watcher system is used to illustrate the approach, where the system is designed with two security aspects, data origin authentication and non-repudiation. The proposed security variability design approach has been showed to effectively support the interaction analysis between data origin authentication solutions and non-repudiation solutions.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SSIRI.2009.47","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Developing secure systems at software architecture stage presents additional challenges: a system may demand multiple security capabilities and each security capability can be realized by many security solutions. Effective techniques are needed to assist software architects in modeling and evaluating security capabilities. The benefits of such techniques include enabling software architects to create an optimized security architecture design. This paper presents a modeling approach to support security variability design and analysis. In the approach, security capabilities are modeled as aspects and alternative security solutions are reflected. This allows to effectively perform interaction analysis among security solutions, e.g., determining supporting or conflicting solutions etc. A Health Watcher system is used to illustrate the approach, where the system is designed with two security aspects, data origin authentication and non-repudiation. The proposed security variability design approach has been showed to effectively support the interaction analysis between data origin authentication solutions and non-repudiation solutions.

查看原文本刊更多论文

面向方面软件体系结构中的安全可变性设计与分析

在软件架构阶段开发安全系统会带来额外的挑战:系统可能需要多种安全功能，每种安全功能可以通过许多安全解决方案来实现。需要有效的技术来帮助软件架构师建模和评估安全功能。这种技术的好处包括使软件架构师能够创建优化的安全体系结构设计。本文提出了一种支持安全可变性设计和分析的建模方法。在该方法中，安全功能被建模为方面，并反映了可选的安全解决方案。这允许在安全解决方案之间有效地执行交互分析，例如，确定支持或冲突的解决方案等。以Health Watcher系统为例说明了这种方法，该系统设计了两个安全方面，即数据源身份验证和不可否认性。所提出的安全可变性设计方法能够有效地支持数据源认证方案和不可否认方案之间的交互分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement

自引率

0.00%

发文量