When quoting this document, please refer to the following:
URN: urn:nbn:de:0030-drops-8594
URL: http://drops.dagstuhl.de/opus/volltexte/2007/859/

Fox, Jorge ; Juerjens, Jan

A Framework for Analyzing Composition of Security Aspects


Abstract

The methodology of aspect-oriented software engineering has been proposed to factor out concerns that are orthogonal to the core functionality of a system. In particular, this is a useful approach to handling the difficulties of integrating non-functional requirements such as security into complex software systems. Doing so correctly and securely, however, still remains a non-trivial task. For example, one has to make sure that the "weaving" process actually enforces the aspects needed. This is highly non-obvious, especially in the case of security, since different security aspects may actually contradict each other, in which case they cannot be woven in a sequential way without destroying each other. To address these problems, this paper introduces a framework for the aspect-oriented development of secure software using composition filters at the model level. Using an underlying foundation based on stream-processing functions, we explore under which conditions security properties are preserved when composed as filters. Thanks to this foundation we may also rely on model-level verification tools and on code and model weaving to remedy security failures. Our approach is explained using as case studies a web banking application developed by a major German bank and a webstore design.

BibTeX - Entry

@InProceedings{fox_et_al:DSP:2007:859,
  author =	{Jorge Fox and Jan Juerjens},
  title =	{A Framework for Analyzing Composition of Security Aspects},
  booktitle =	{Methods for Modelling Software Systems (MMOSS)},
  year =	{2007},
  editor =	{Ed Brinksma and David Harel and Angelika Mader and Perdita Stevens and Roel Wieringa},
  number =	{06351},
  series =	{Dagstuhl Seminar Proceedings},
  ISSN =	{1862-4405},
  publisher =	{Internationales Begegnungs- und Forschungszentrum f{\"u}r Informatik (IBFI), Schloss Dagstuhl, Germany},
  address =	{Dagstuhl, Germany},
  URL =		{http://drops.dagstuhl.de/opus/volltexte/2007/859},
  annote =	{Keywords: Aspects in software engineering, aspect interference, verification, semantics, formal methods}
}

Keywords: Aspects in software engineering, aspect interference, verification, semantics, formal methods
Seminar: 06351 - Methods for Modelling Software Systems (MMOSS)
Issue date: 2007
Date of publication: 11.04.2007