License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/DagSemProc.06351.3
URN: urn:nbn:de:0030-drops-8594
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2007/859/


Fox, Jorge ; Juerjens, Jan

A Framework for Analyzing Composition of Security Aspects

pdf-format:
06351.FoxJorge.Paper.859.pdf (0.6 MB)


Abstract

The methodology of aspect-oriented software engineering has
been proposed to factor out concerns that are orthogonal to the core
functionality of a system. In particular, this is a useful approach to handling
the difficulties of integrating non-functional requirements such as
security into complex software systems. Doing so correctly and securely,
however, still remains a non-trivial task. For example, one has to make
sure that the "weaving" process actually enforces the aspects needed.
This is highly non-obvious especially in the case of security, since different
security aspects may actually contradict each other, in which case
they cannot be woven in a sequential way without destroying each other.
To address these problems, this paper introduces a framework for the
aspect-oriented development of secure software using composition filters
at the model level. Using an underlying foundation based on stream-processing
functions, we explore under which conditions security properties
are preserved when composed as filters. Thanks to this foundation
we may also rely on model level verification tools and on code and model
weaving to remedy security failures. Our approach is explained using as
case-studies a web banking application developed by a major German
bank and a webstore design.

BibTeX - Entry

@InProceedings{fox_et_al:DagSemProc.06351.3,
  author =	{Fox, Jorge and Juerjens, Jan},
  title =	{{A Framework for Analyzing Composition of Security Aspects}},
  booktitle =	{Methods for Modelling Software Systems (MMOSS)},
  pages =	{1--25},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6351},
  editor =	{Ed Brinksma and David Harel and Angelika Mader and Perdita Stevens and Roel Wieringa},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2007/859},
  URN =		{urn:nbn:de:0030-drops-8594},
  doi =		{10.4230/DagSemProc.06351.3},
  annote =	{Keywords: Aspects in software engineering, aspect interference, verification, semantics, formal methods}
}

Keywords: Aspects in software engineering, aspect interference, verification, semantics, formal methods
Collection: 06351 - Methods for Modelling Software Systems (MMOSS)
Issue Date: 2007
Date of publication: 11.04.2007


Published by LZI