Sciweavers

Share
APSCC
2008
IEEE

Contract-Based Security Monitors for Service Oriented Software Architecture

8 years 4 months ago
Contract-Based Security Monitors for Service Oriented Software Architecture
Monitors have been used for real-time systems to ensure proper behavior; however, most approaches do not allow for the addition of relevant fields required to identify and react to security vulnerabilities. Contracts can provide a useful mechanism for identifying and tracking vulnerabilities. Currently, contracts have been proposed for reliability and formal verification; yet, their use in security is limited. Static analysis methods are able to identify many known vulnerabilities; however, they suffer from a high rate of false-positives. The creation of a mechanism that can verify identified vulnerabilities is therefore warranted. We propose a contract-based security assertion monitoring framework (CB SAMF) for reducing the number of security vulnerabilities that are exploitable. CB SAMF will span multiple software layers and be used in an enhanced systems development life cycle (SDLC) including service-oriented analysis and design (SOAD).
Alexander M. Hoole, Issa Traoré
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where APSCC
Authors Alexander M. Hoole, Issa Traoré
Comments (0)
books