Title :
Building high assurance secure applications using security patterns for capability-based platforms
Author_Institution :
NICTA, Eveleigh, NSW, Australia
Abstract :
Building high assurance secure applications requires the proper use of security mechanisms and assurances provided by the underlying secure platform. However, applications are often built using security patterns and best practices that are agnostic with respect to the intricate specifics of the different underlying platforms. This independence from the underlying platform leaves a gap between security patterns and underlying secure platforms. In this PhD research abstract, we propose a novel approach to bridge this gap. Specifically, we propose reusable capability-specific design fragments for security patterns, which are specialization for patterns in a capability-based system. The focus is on systems that adhere to a capability-based security model, which we consider as the underlying platforms, to provide desired application-wide security properties. We also discuss assumptions and levels of assurance for these reusable designs and their use in the verification of application designs.
Keywords :
Capability Maturity Model; security of data; software reusability; application-wide security property; capability-based platforms; capability-based security model; capability-based system; reusable capability-specific design fragments; reusable designs; secure platform; security assurances; security mechanisms; security patterns; Analytical models; Buildings; Formal verification; Security; Software architecture; Unified modeling language; Assurance; Capability; Platform; Security Patterns; Whole System;
Conference_Titel :
Software Engineering (ICSE), 2013 35th International Conference on
Conference_Location :
San Francisco, CA
Print_ISBN :
978-1-4673-3073-2
DOI :
10.1109/ICSE.2013.6606727
