{"title":"使用基于模式的设计片段构建安全的应用程序","authors":"Paul Rimba, Liming Zhu, Xiwei Xu, Daniel W. Sun","doi":"10.1109/SRDSW.2015.12","DOIUrl":null,"url":null,"abstract":"Developing and operating a complex secure application with high assurance is difficult and requires experts. Security patterns and best practices have been proposed to assist architects in designing secure applications. However, these are usually written independently of the underlying platforms and operating environment. This leads to a gap between patterns and the platforms, and does not directly support the design-level analysis and verification of systems to be built on those platforms. We propose an approach to incrementally build an application design using design fragments, which are specializations of patterns for target platforms. Design fragments can be composed and reused during design, and directly support design-level security analyses and operation level concerns. We apply this approach in a case study of the design and analysis of a smart electricity meter. We show how the approach can be used to iteratively address threats.","PeriodicalId":415692,"journal":{"name":"2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW)","volume":"2008 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Building Secure Applications Using Pattern-Based Design Fragments\",\"authors\":\"Paul Rimba, Liming Zhu, Xiwei Xu, Daniel W. Sun\",\"doi\":\"10.1109/SRDSW.2015.12\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Developing and operating a complex secure application with high assurance is difficult and requires experts. Security patterns and best practices have been proposed to assist architects in designing secure applications. However, these are usually written independently of the underlying platforms and operating environment. This leads to a gap between patterns and the platforms, and does not directly support the design-level analysis and verification of systems to be built on those platforms. We propose an approach to incrementally build an application design using design fragments, which are specializations of patterns for target platforms. Design fragments can be composed and reused during design, and directly support design-level security analyses and operation level concerns. We apply this approach in a case study of the design and analysis of a smart electricity meter. We show how the approach can be used to iteratively address threats.\",\"PeriodicalId\":415692,\"journal\":{\"name\":\"2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW)\",\"volume\":\"2008 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SRDSW.2015.12\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SRDSW.2015.12","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Building Secure Applications Using Pattern-Based Design Fragments
Developing and operating a complex secure application with high assurance is difficult and requires experts. Security patterns and best practices have been proposed to assist architects in designing secure applications. However, these are usually written independently of the underlying platforms and operating environment. This leads to a gap between patterns and the platforms, and does not directly support the design-level analysis and verification of systems to be built on those platforms. We propose an approach to incrementally build an application design using design fragments, which are specializations of patterns for target platforms. Design fragments can be composed and reused during design, and directly support design-level security analyses and operation level concerns. We apply this approach in a case study of the design and analysis of a smart electricity meter. We show how the approach can be used to iteratively address threats.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
