Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
COMPSAC
2010
IEEE
2010
IEEE
Security in Context: Analysis and Refinement of Software Architectures
Security analysis methods can provide correct yet meaningless results if the assumptions underlying the model do not conform to reality. We present an approach to analyze the security of software-intensive system architectures that focusses on making these underlying assumptions explicit, so that they can be taken into account. Starting from an Alloy model of a software architecture, a set of constraints is elicited by leveraging model relaxation techniques. These constraints form a minimal but sufficient condition that the system must meet in order to realise its security requirements. As the approach starts from the minimal guarantees that the system environment offers, it does not depend on an explicit attacker model and can take arbitrary attacker behaviour into account. As it is iterative, it is possible to constructively integrate the approach in a secure software development life cycle. Our results are illustrated by means of a case study. Keywords-security; software architectur...
Real-time TrafficRelated Content
| Added | 21 Mar 2011 |
| Updated | 21 Mar 2011 |
| Type | Journal |
| Year | 2010 |
| Where | COMPSAC |
| Authors | Thomas Heyman, Riccardo Scandariato, Wouter Joosen |
Comments (0)
Researcher Info
|
