Title :
A framework for an active interface to characterise compositional security contracts of software components
Author :
Khan, Khaled ; Han, Jun ; Zheng, Yuliang
Author_Institution :
Sch. of Comput. & IT, Univ. of Western Sydney, NSW, Australia
Abstract :
This paper presents a framework for constructing compositional security contracts (CsC) based on the security property exposed by the atomic component. The framework uses interface structure of components in order to determine the CsC of software components. An active interface provides the component a basis for reasoning and assessing a component´s suitability to meet certain security requirements of a particular application. Based on the security information available from the component interface, an active interface can reason whether the candidate component meets the security requirements for an envisaged systemwide application. Any security mismatches or discrepancies between components can be identified by the participating components before an actual composition takes place. Exposing the security properties of software components can be the basis for a trust relationship among components, and the exposed security could affect the underlying security of the enclosing system
Keywords :
certification; software engineering; active interface; atomic component; compositional security contracts; interface structure; security property; software components; trust relationship; Application software; Australia; Computer industry; Contracts; Industrial relations; Information security; Programming; Runtime; Software reusability; Sun;
Conference_Titel :
Software Engineering Conference, 2001. Proceedings. 2001 Australian
Conference_Location :
Canberra, ACT
Print_ISBN :
0-7695-1254-2
DOI :
10.1109/ASWEC.2001.948505
