{"title":"A security characterisation framework for trustworthy component based software systems","authors":"K. Khan, Jun Han","doi":"10.1109/CMPSAC.2003.1245337","DOIUrl":null,"url":null,"abstract":"This paper explores how to characterize security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components. This enables software components as well as composers to \"test\" possible matches and mismatches between the security properties of the candidate components and the security requirements of the enclosing applications systems.","PeriodicalId":173397,"journal":{"name":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","volume":"139 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"47","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPSAC.2003.1245337","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 47
Abstract
This paper explores how to characterize security properties of software components, and how to reason about their suitability for a trustworthy compositional contract. Our framework provides an explicit opportunity for software composers as well as software components to test a priori security properties of software components in a system composition. The proposed framework uses logic programming as a tool to represent security properties of atomic components and reason about their compositional matching with other components. This enables software components as well as composers to "test" possible matches and mismatches between the security properties of the candidate components and the security requirements of the enclosing applications systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
