基于可信组件的软件系统的安全特征框架

Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003 Pub Date : 2003-11-03 DOI:10.1109/CMPSAC.2003.1245337

K. Khan, Jun Han

{"title":"基于可信组件的软件系统的安全特征框架","authors":"K. Khan, Jun Han","doi":"10.1109/CMPSAC.2003.1245337","DOIUrl":null,"url":null,"abstract":"This paper explores how to characterize security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components. This enables software components as well as composers to \"test\" possible matches and mismatches between the security properties of the candidate components and the security requirements of the enclosing applications systems.","PeriodicalId":173397,"journal":{"name":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","volume":"139 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"47","resultStr":"{\"title\":\"A security characterisation framework for trustworthy component based software systems\",\"authors\":\"K. Khan, Jun Han\",\"doi\":\"10.1109/CMPSAC.2003.1245337\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper explores how to characterize security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components. This enables software components as well as composers to \\\"test\\\" possible matches and mismatches between the security properties of the candidate components and the security requirements of the enclosing applications systems.\",\"PeriodicalId\":173397,\"journal\":{\"name\":\"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003\",\"volume\":\"139 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-11-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"47\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CMPSAC.2003.1245337\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPSAC.2003.1245337","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 47

摘要

本文探讨了如何描述软件组件的安全属性，以及如何推断它们是否适合于一个可信的组合契约。我们的框架为软件编写者和软件组件提供了一个明确的机会来测试系统组合中软件组件的先验安全属性。提出的框架使用逻辑编程作为工具来表示原子组件的安全属性，并推断它们与其他组件的组合匹配。这使得软件组件以及编写者能够“测试”候选组件的安全属性与封闭应用程序系统的安全需求之间可能的匹配和不匹配。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A security characterisation framework for trustworthy component based software systems

This paper explores how to characterize security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components. This enables software components as well as composers to "test" possible matches and mismatches between the security properties of the candidate components and the security requirements of the enclosing applications systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003

自引率

0.00%

发文量