Monitoring Software Security Requirements using Instrumented Code
نویسنده
چکیده
Ideally, software is derived from requirements whose properties have been established as good. However, it is difficult to define and analyze requirements. Moreover, derivation of software from requirements is error prone. Finally, the installation and use of complied software can introduce errors. Thus, it can be difficult to provide assurances about the state of a software's execution. We present a framework to monitor requirements of software as it executes. The framework is general, and allows for automated support. In this paper, we introduced the framework, and show how Java code can be instrumented and monitored by a model checker. We illustrate our current automated support using the widely known problem of the Dinning Philosophers. From this exemplar, we suggest how the approach may be applied to address security concerns such as those that arise during e-commerce transactions.
منابع مشابه
Monitoring Software Requirements Using Instrumented Code
Ideally, software is derived from requirements whose properties have been established as good. However, it is difficult to define and analyze requirements. Moreover, derivation of software from requirements is error prone. Finally, the installation and use of compiled software can introduce errors. Thus, it can be difficult to provide assurances about the state of a software's execution. We pre...
متن کاملMapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملTowards the Verification and Validation of Software Security Properties Using Static Code Analysis
Developing and delivering secure software is a challenging task, that gets even harder when the developer tries to adhere to both application and organization-specific security requirements. Different approaches have been proposed to facilitate this task, such as code analysis that aims at detecting flaws in the developed software before it is released and deployed to customer. This paper discu...
متن کاملMonitoring Software Requirements using Instrumented Code1
Ideally, software is derived from requirements whose properties have been established as good. However, it is difficult to define and analyze requirements. Moreover, derivation of software from requirements is error prone. Finally, the installation and use of compiled software can introduce errors. Thus, it can be difficult to provide assurances about the state of a software's execution. We pre...
متن کاملSecurity Concerns in Using Open Source Software for Enterprise Requirements
Information security is the biggest challenge for network and ecurity administrators. The security of a given network highly depends o the software used and the administrative practices followed for operating systems, perimeter security, antivirus protection, intrusion detection, software development, systems and network monitoring, corporate mail, office productivity and so on. The rapid growt...
متن کامل