A Framework of Composable Access Control Definition, Enforcement and Assurance

Jaime A. Pavlich-Mariscal, S. Demurjian, L. Michel
Published in: 2008 International Conference of the Chilean Computer Science Society
Publication date: 2008-11-10
DOI: 10.1109/SCCC.2008.18 (https://doi.org/10.1109/SCCC.2008.18)
Citations: 9

Abstract

This paper proposes an approach for secure software design and coding, and it provides a formal underpinning for security assurance, i.e., a proof that the generated code correctly realizes security specifications. The base of the proposed approach is a set of security features by J. Pavlich-Mariscal et al. (2007) that separate security concerns from the main design. To create specific access control models, designers can select the features they require, compose them, and represent them through security diagrams, i.e., extensions to UML to represent security concerns. These security specifications are then transitioned into aspect-oriented enforcement code. To provide security assurance, this paper formalizes the application behavior using labeled transition systems and structural operational semantics, and it uses simulation relations to demonstrate the correctness of the secure code.