  • DocumentCode
    1924529
  • Title
    Reusable Formal Models for Secure Software Architectures
  • Author
    Heyman, Thomas ; Scandariato, Riccardo ; Joosen, Wouter
  • fYear
    2012
  • fDate
    20-24 Aug. 2012
  • Firstpage
    41
  • Lastpage
    50
  • Abstract
    Formal modelling techniques are often disregarded as their semantics are too distant from the mainstream practice of software architecture design, which is dominated by the use of component based modelling and patterns. This paper advocates the need for formal modelling techniques for humans, i.e., software architects who need to precisely ascertain the security properties of their design models. We contribute a technique that enables architects to more easily construct verified, secure architecture designs by assembling already verified security pattern models. Our approach is illustrated with a pattern language for accountability. It is validated by an observational study that shows that the approach produces reusable results, and is able to uncover relevant architectural security flaws.
  • Keywords
    formal verification; security of data; software architecture; software reusability; architectural security flaw; component based modelling; pattern language; reusable formal modelling technique; secure software architecture; security pattern model; security property; Abstracts; Computational modeling; Computer architecture; Metals; Security; Software architecture; Unified modeling language; modelling; security patterns; software architecture
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Architecture (WICSA) and European Conference on Software Architecture (ECSA), 2012 Joint Working IEEE/IFIP Conference on
  • Conference_Location
    Helsinki
  • Print_ISBN
    978-1-4673-2809-8
  • Type
    conf
  • DOI
    10.1109/WICSA-ECSA.212.12
  • Filename
    6337760