{"title":"Availability enforcement by obligations and aspects identification","authors":"F. Cuppens, N. Cuppens-Boulahia, T. Ramard","doi":"10.1109/ARES.2006.36","DOIUrl":null,"url":null,"abstract":"Information systems are more and more victim of denial of service attacks. Thus, availability is a critical property which is more and more difficult to achieve. In this paper, we devise a new approach to design programs that enforce availability requirements. This approach is based on a formal security model called Nomad which combines deontic and temporal logics. We show how to use this model to specify availability requirements. Our proposal is then based on aspect programming. For this purpose, availability requirements expressed in the Nomad model are transformed into availability aspects. Using aspect programming languages such as AspectJ, we can then weave these availability aspects to transform an insecure program into a secure one.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"139 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"First International Conference on Availability, Reliability and Security (ARES'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2006.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 28
Abstract
Information systems are more and more victim of denial of service attacks. Thus, availability is a critical property which is more and more difficult to achieve. In this paper, we devise a new approach to design programs that enforce availability requirements. This approach is based on a formal security model called Nomad which combines deontic and temporal logics. We show how to use this model to specify availability requirements. Our proposal is then based on aspect programming. For this purpose, availability requirements expressed in the Nomad model are transformed into availability aspects. Using aspect programming languages such as AspectJ, we can then weave these availability aspects to transform an insecure program into a secure one.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
