Model-Driven Application and Validation of Security Patterns
نویسندگان
چکیده
The spread of software services through the Internet has increased the importance of software security. Security patterns is a tool that helps developers, architects and security specialists utilize security experts’ knowledge and standardize how they respond to security threats. Security patterns contain recurring solutions about security problems. However, there is a possibility that developers may apply security patterns in inappropriate ways due to their lack of knowledge about dependencies among patterns. We propose an automated technique of applying security patterns in model-driven software development by defining model transformation rules that take into consideration pattern dependencies. Our technique prevents inappropriate applications such as applying security patterns to the wrong model elements or in the wrong order. We believe that our technique can help developers to apply security patterns to their own models automatically in appropriate ways. Keywords-component; Security Patterns; Model Driven Development; UML; ATL;
منابع مشابه
Enhancing Learning from Imbalanced Classes via Data Preprocessing: A Data-Driven Application in Metabolomics Data Mining
This paper presents a data mining application in metabolomics. It aims at building an enhanced machine learning classifier that can be used for diagnosing cachexia syndrome and identifying its involved biomarkers. To achieve this goal, a data-driven analysis is carried out using a public dataset consisting of 1H-NMR metabolite profile. This dataset suffers from the problem of imbalanced classes...
متن کاملA Modeling and Formal Approach for the Precise Specification of Security Patterns
Non-functional requirements such as Security and Dependability (S &D) become more important as well as more difficult to achieve. In fact, the integration of security features requires the availability of both application domain specific knowledge and security expertise at the same time. Hence, capturing and providing this expertise by the way of security patterns can support the integration of...
متن کاملAutomatic Transformation of Generic , Validated Business Process Security Models to WS - SecurityPolicy Descriptions
An increasing need for security in SOA applications demands for better support for the management of security in Web-based business processes. Here, the model-driven process development may provide valuable opportunities in terms of maintainability and deployment. Besides modeling and then generating the pure functionality of a process, the consideration of security properties at the level of a...
متن کاملUse of Two Smoothing Parameters in Penalized Spline Estimator for Bi-variate Predictor Non-parametric Regression Model
Penalized spline criteria involve the function of goodness of fit and penalty, which in the penalty function contains smoothing parameters. It serves to control the smoothness of the curve that works simultaneously with point knots and spline degree. The regression function with two predictors in the non-parametric model will have two different non-parametric regression functions. Therefore, we...
متن کاملA Formal Approach to Data Validation Constraints in MDE
Software security encompasses the measures taken to ensure confidentiality, integrity and availability in software systems. In present-day software development, security is often an afterthought rather than part of the software development life-cycle. In order to reveal potential security flaws before a software system is actually implemented, security aspects should be taken into account start...
متن کامل