A High-Level Aspect-Oriented based Language for Software Security Hardening
نویسندگان
چکیده
In this paper, we propose an aspect-oriented language, called SHL (Security Hardening Language), for specifying systematically the security hardening solutions. This language constitutes our new achievement towards developing our security hardening framework. SHL allows the description and specification of security hardening plans and patterns that are used to harden systematically security into the code. It is a minimalist language built on top of the current aspect-oriented technologies that are based on advice-poincut model and can also be used in conjunction with them. The primary contribution of this approach is providing the security architects with the capabilities to perform security hardening of software by applying well-defined solution and without the need to have expertise in the security solution domain. At the same time, the security hardening is applied in an organized and systematic way in order not to alter the original functionalities of the software. We explore the viability and relevance of our proposition by applying it into a case study and presenting the experimental results of securing the connections of open source software.
منابع مشابه
An Aspect-oriented Framework for Systematic Security Hardening of Software
An Aspect-Oriented Framework for Systematic Security Hardening of Software Azzam Mourad, Ph.D. Concordia University, 2008 In this thesis, we address the problems related to the security hardening of open source software. Accordingly, we first propose an aspect-oriented and pattern-based approach for systematic security hardening. It is based on the full separation between the roles and duties o...
متن کاملAn Aspect-Oriented Approach for Software Security Hardening: from Design to Implementation
Security plays a predominant role in software engineering. Enforcing security policies should be considered during the early stages of the software development lifecycle to prevent security breaches in the final products. Because of the pervasive nature of security, integrating security solutions at the software design level may result in the scattering and tangling of security concerns through...
متن کاملSecurity Hardening UML Profile (SHP): A New Approach to Specify Security Hardening Solutions in UML
Security plays a predominant role in software engineering. Enforcing security policies should be considered during the early stages of the software development lifecycle to prevent security breaches in the final products. Because of the pervasive nature of security, integrating security solutions at the software design level may result in the scattering and tangling of security concerns through...
متن کاملThe Open University ’ s repository of research publications and other research outputs Tools for model - based security engineering : models vs . code
We present tools to support model-based security engineering on both the model and the code level. In the approach supported by these tools, one firstly specifies the securitycritical part of the system (e.g. a crypto protocol) using the UML security extension UMLsec. The models are automatically verified for security properties using automated theorem provers. These are implemented within a fr...
متن کاملThe Open University ’ s repository of research publications and other research outputs Tools for model - based security engineering : models vs . code Conference Item
We present tools to support model-based security engineering on both the model and the code level. In the approach supported by these tools, one firstly specifies the securitycritical part of the system (e.g. a crypto protocol) using the UML security extension UMLsec. The models are automatically verified for security properties using automated theorem provers. These are implemented within a fr...
متن کامل