Identifying and Resolving Least Privilege Violations in Software Architectures

13 years 11 months ago

Download lirias.kuleuven.be

The implementation of security principles, like least privilege, in a software architecture is difﬁcult, as no systematic rules on how to apply them in practice exist. As a result, they are often neglected, which lowers the overall security level of the software system and increases the cost to ﬁx this later on. This paper improves the support for least privilege in software architectures by (i) deﬁning the foundations to identify potential violations of the principle herein and (ii) elicitating architectural transformations that ameliorate the security properties of the architecture. These results have been implemented and validated in three case studies.

Koen Buyens, Bart De Win, Wouter Joosen

Real-time Traffic

IEEEARES 2009 | Overall Security Level | Security Principles | Security Privacy | Software Architectures |

claim paper

Post Info
More Details (n/a)

Added	19 May 2010
Updated	19 May 2010
Type	Conference
Year	2009
Where	IEEEARES
Authors	Koen Buyens, Bart De Win, Wouter Joosen

Comments (0)

Sciweavers

Identifying and Resolving Least Privilege Violations in Software Architectures

IEEEARES 2009 | Overall Security Level | Security Principles | Security Privacy | Software Architectures |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers