Secure Software Architectures
Abstract
Secure distributed applications often include code to authenticate users, verify access rights, and establish secure communication channels between software components (e.g., clients and servers). This code is often particular to the application and the context in which the application is used. Embedding protection definitions in the application code makes it difficult to reuse because different applications often have very different protection constraints. In this paper we address the issues of security in software architectures, and propose a protection model based on software architectures, where the security policy is programmed separately from the application code.
Similar resources
Virtualization Based Secure Execution and Testing Framework
Computer security aims at protecting confidentiality, integrity, and availability of sensitive information that is processed, used, or stored by computing systems. Computer scientists working in the field of computer security have successfully designed and developed software and hardware mechanisms to provide security in modern day computing devices. As compared to hardware security mechanisms...
Trade-off Analysis of Misuse Case-based Secure Software Architectures: A Case Study
Based on the threat-driven architectural design of secure information systems, this paper introduces an approach for the tradeoff analysis of secure software architectures in order to determine the effects of security requirements on the system. We use a case study on a payroll information system (PIS) to show the approach from misuse case identification through the architecture tradeoff analys...
Model-based Design of Reusable Secure Connectors
This paper describes the integration of security and communication patterns in reusable secure connectors that are incorporated in the model-based design of secure distributed component-based software architectures. The secure connectors are designed separately from application components by reusing the appropriate communication pattern between components as well as the security patterns requir...
Threat-Driven Design and Analysis of Secure Software Architectures
Computer software is a major source of security risks in information systems. To deal with software security issues in the early stages of software development, this paper presents a threat-driven approach to the architectural design and analysis of secure software. Based on the identification and mitigation of security threats as misuse use cases, we leverage use cases, misuse cases, and mitiga...
Integrating Security Administration into Software Architectures Design
Software architecture plays a central role in developing software systems that satisfy functionality and security requirements. However, little has been done to integrate system design with security enforcement, which would otherwise benefit both the development process and the system’s quality of service (QoS). This paper proposes a formal method to integrate security administration into software arc...