A general approach to secure components composition

Abstract

At present, security properties for components composition have two major shortcomings. First, they do not properly consider connectivity between components. This leads to the imposition of over strong security requirements on the components. Consequently their functionality and performance may be sacrificed unnecessarily. Secondly, these properties usually demand components and their system to comply with the same or compatible security requirements. This greatly restricts their applicability. To rectify these problems, we aim to present a composable security property that permits different components to meet different security requirements, and appropriately enforces the requirements on the components with regard to their connectivity.