2011 Fifth International Conference on Secure Software Integration and Reliability Improvement最新文献_第2页

A Feature-Based Modeling Approach for Building Hybrid Access Control Systems 一种基于特征的混合门禁系统建模方法

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.16

Sangsig Kim, Dae-Kyoo Kim, Lunjin Lu, S. Park, Suntae Kim

{"title":"A Feature-Based Modeling Approach for Building Hybrid Access Control Systems","authors":"Sangsig Kim, Dae-Kyoo Kim, Lunjin Lu, S. Park, Suntae Kim","doi":"10.1109/SSIRI.2011.16","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.16","url":null,"abstract":"Role-Based Access Control (RBAC) and Mandatory Access Control (MAC) are widely used access control models. They are often used together in domains where both data integrity and information flow are concerned. There is much work on combined use of RBAC and MAC policies at the kernel level, which focuses on enforcing hybrid policies at run-time. However, there is little work on techniques for developing hybrid systems of RBAC and MAC from a development perspective. In this work, we present a feature-based modeling approach for developing hybrid access control systems. In the approach, RBAC and MAC are designed in terms of features and features are configured based on requirements. Configured features are then composed to produce a design model that supports hybrid access control. The approach enables systematic development of hybrid systems of RBAC and MAC and reduces development complexity and errors through need-based configuration of features in early development phases. We use a hospital system to demonstrate the approach. Tool support for the approach is also discussed.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121002115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

Security Goals Assurance Based on Software Active Monitoring 基于软件主动监控的安全目标保证

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.34

Changzhi Zhao, Wei Dong, M. Leucker, Zhichang Qi

{"title":"Security Goals Assurance Based on Software Active Monitoring","authors":"Changzhi Zhao, Wei Dong, M. Leucker, Zhichang Qi","doi":"10.1109/SSIRI.2011.34","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.34","url":null,"abstract":"Access control is a vital security mechanism in today's operating systems, and the security policies dictating the security relevant behaviors is lengthy and complex, for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper, we present how to predict whether the information flow security goal is violated or not during runtime, how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software active monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus, a closed-loop system is generated that all behavior sequences will satisfy the security goals.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"500 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123058902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

Probabilistic Risk Assessment for Security Requirements: A Preliminary Study 安全需求的概率风险评估:初步研究

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.12

Seok-Won Lee

{"title":"Probabilistic Risk Assessment for Security Requirements: A Preliminary Study","authors":"Seok-Won Lee","doi":"10.1109/SSIRI.2011.12","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.12","url":null,"abstract":"Risk assessment is a critical decision making process during the Security Certification and Accreditation (C&A) process. However, existing infrastructure-wide C&A processes in real world are challenged by the ever increasing complexity of information systems and their diverse socio-technical operational environments. The lack of an explicit model and the associated uncertainties of software behavior are two main reasons that directly impact the effectiveness of risk assessment as well as the subjective decisions made based on the different level of domain expertise. In this paper, we propose a method for a probabilistic model driven risk assessment on security requirements. The security requirements and their causal relationships are represented using MEBN (Multi-Entities Bayesian Networks) logic that constructs an explicit formal risk assessment model that supports evidence-driven arguments. The proposed approach is described by using real-world C&A scenarios to show not only its feasibility for security requirements risk assessment but also its effectiveness for the sensitivity analysis to identify critical influences among information entities in a complex and uncertain operational environment.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131033729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 17

Comprehensive Two-Level Analysis of Static and Dynamic RBAC Constraints with UML and OCL 基于UML和OCL的静态和动态RBAC约束综合两层分析

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.18

Mirco Kuhlmann, K. Sohr, Martin Gogolla

引用次数: 21

Mutation-Based Evaluation of Weighted Test Case Selection for Firewall Testing 基于突变的防火墙测试用例加权选择评估

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.22

Tugkan Tuglular, Gurcan Gercek

引用次数: 5

Deriving Data Dependence from/for UML State Machine Diagrams 从UML状态机图中导出数据依赖性

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.19

Hyeon-Jeong Kim, Doo-Hwan Bae, V. Debroy, W. E. Wong

{"title":"Deriving Data Dependence from/for UML State Machine Diagrams","authors":"Hyeon-Jeong Kim, Doo-Hwan Bae, V. Debroy, W. E. Wong","doi":"10.1109/SSIRI.2011.19","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.19","url":null,"abstract":"Slicing is a well-known reduction technique in many areas such as debugging, maintenance, and testing, and thus, there has been considerable research in the application of slicing techniques to models at the design level. UML state machine diagrams can properly describe the behavior of large software systems at the design level. The slicing of UML state machine diagrams is helpful for their maintenance. But it is difficult to apply a slicing algorithm to automatically reduce the diagrams with respect to slicing criteria, because of the unique properties of these diagrams, such as hierarchy and orthogonality. These properties make constructing a data dependence graph highly complicated. Hierarchy between states leads to implicit paths between states, which may affect data dependence. Also, orthogonality (i.e., parallelism) can cause an intransitivity problem when tracing data dependence. In this paper, we discuss an approach to address such problems. We first construct a control flow graph, which explicitly describes all possible transitions; and a hierarchy graph, which depicts the hierarchical structure of state machine diagram. Next we retrieve data dependence information and construct a dependence graph across different levels. We also show how data dependence information is retrieved, by virtue of ATM example.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124249229","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 5

Automatic Synthesis of Static Fault Trees from System Models 基于系统模型的静态故障树自动合成

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.32

Jianwen Xiang, Kazuo Yanoo, Y. Maeno, Kumiko Tadano

{"title":"Automatic Synthesis of Static Fault Trees from System Models","authors":"Jianwen Xiang, Kazuo Yanoo, Y. Maeno, Kumiko Tadano","doi":"10.1109/SSIRI.2011.32","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.32","url":null,"abstract":"Fault tree analysis (FTA) is a traditional reliability analysis technique. In practice, the manual development of fault trees could be costly and error-prone, especially in the case of fault tolerant systems due to the inherent complexities such as various dependencies and interactions among components. Some dynamic fault tree gates, such as Functional Dependency (FDEP) and Priority AND (PAND), are proposed to model the functional and sequential dependencies, respectively. Unfortunately, the potential semantic troubles and limitations of these gates have not been well studied before. In this paper, we describe a framework to automatically generate static fault trees from system models specified with SysML. A reliability configuration model (RCM) and a static fault tree model (SFTM) are proposed to embed system configuration information needed for reliability analysis and error mechanism for fault tree generation, respectively. In the SFTM, the static representations of functional and sequential dependencies with standard Boolean AND and OR gates are proposed, which can avoid the problems of the dynamic FDEP and PAND gates and can reduce the cost of analysis based on a combinatorial model. A fault-tolerant parallel processor (FTTP) example is used to demonstrate our approach.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"106 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131846663","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 53

Safe Software: Does It Cost More to Develop? 安全软件:开发成本更高吗?

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.28

W. E. Wong, Andrea Demel, V. Debroy, Michael F. Siok

{"title":"Safe Software: Does It Cost More to Develop?","authors":"W. E. Wong, Andrea Demel, V. Debroy, Michael F. Siok","doi":"10.1109/SSIRI.2011.28","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.28","url":null,"abstract":"The importance of system safety has intensified in recent years given the ever-growing use of safety-critical systems in avionics, medicine, nuclear energy, and other fields. However, despite the abundance of standards which exist to provide guidance for the development of safe software for safety-critical systems, there is no consensus on how to achieve safety assurance in a cost-effective fashion. This paper reviews five software safety standards: the FAA System Safety Handbook, the US DoD MIL-STD-882D, the UK MoD DEF-STAN 00-56, NASA-STD 8719.13b and the RTCA DO-178B, and evaluates each in terms of cost effectiveness. It provides an overview of several safety-critical projects, ones that have incurred significant cost overruns as well as ones that have produced safety-critical software in a reasonably cost-effective manner. By virtue of discussing such projects we posit that it is possible to develop software, despite significant safety assurance requirements, without necessarily sacrificing cost. Specifically, projects can realize savings by using mature processes and appropriate tools to assist in development of safety-critical software.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125786203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 10

Execution Constraint Verification of Exception Handling on UML Sequence Diagrams UML序列图异常处理的执行约束验证

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.13

S. Ciraci, Hasan Sözer, M. Aksit, W. Havinga

引用次数: 1

A Practical Covert Channel Identification Approach in Source Code Based on Directed Information Flow Graph 一种实用的基于有向信息流图的源代码隐蔽信道识别方法

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI: 10.1109/SSIRI.2011.17

Jingzheng Wu, Liping Ding, Yongji Wang, Wei Han

{"title":"A Practical Covert Channel Identification Approach in Source Code Based on Directed Information Flow Graph","authors":"Jingzheng Wu, Liping Ding, Yongji Wang, Wei Han","doi":"10.1109/SSIRI.2011.17","DOIUrl":"https://doi.org/10.1109/SSIRI.2011.17","url":null,"abstract":"Covert channel analysis is an important requirement when building secure information systems, and identification is the most difficult task. Although some approaches were presented, they are either experimental or constrained to some particular systems. This paper presents a practical approach based on directed information flow graph taking advantage of the source code analysis. The approach divides the whole system into serval independent modules and analyzes them respectively. All the shared variables and their caller functions are found out from the source codes and modeled into directed information flow graphs. When the information flow branches are visible and modifiable to the external interface, a potential covert channel exists. Contributions made in this paper are as follows: a modularized analysis scheme is proved and reduces the workloads of identifying, a directed information flow graph algorithm is presented and used to model the covert channels, more than 30 covert channels have been identified in Linux kernel source code using this scheme, and a typical channel scenario is constructed.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128053103","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 6