• DocumentCode
    3587354
  • Title
    Verifying Secure Interface Composition for Component-Based System Designs
  • Author
    Cong Sun ; Ning Xi ; Jinku Li ; Qingsong Yao ; Jianfeng Ma
  • Author_Institution
    Sch. of Comput. Sci. & Technol., Xidian Univ., Xi'an, China
  • Volume
    1
  • fYear
    2014
  • Firstpage
    359
  • Lastpage
    366
  • Abstract
    Information flow security has been considered a critical requirement on software systems, especially when heterogeneous components from different parties cooperate to achieve end-to-end enforcement of data confidentiality. Enforcing information flow security properties on complicated systems faces a great challenge because the properties cannot be preserved under composition and most current approaches are not scalable enough. To address this problem, there have been several recent efforts on compositional information flow analyses developed for different abstraction levels. But these approaches have rarely been considered for incorporation into the process of system design. Integrating the security enforcement with the model-based development process can provide the designer with the ability to verify information flow security in the early stage of system development. We propose a compositional information flow verification which is integrated with model-based system design in SysML by an automated model translation from semi-formal behavior and structure models to interface automata. Our compositional approach is general enough to support complex security lattices and a variety of indistinguishability relations. The evaluation results show the usability of our approach on practical system designs and the scalability of the compositional verification.
  • Keywords
    automata theory; object-oriented programming; security of data; software architecture; SysML; abstraction levels; automated model translation; complex security lattices; component-based system designs; compositional information flow analyses; data confidentiality; heterogeneous components; information flow security; interface automata; model-based development process; model-based system design; secure interface composition verification; security enforcement; semiformal behavior; software systems; structure models; Artificial intelligence; Automata; Component architectures; Lattices; Modeling; Security; Unified modeling language; component-based design; information flow; interface automata; model translation; model-based development; noninterference; systems modeling language
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering Conference (APSEC), 2014 21st Asia-Pacific
  • ISSN
    1530-1362
  • Print_ISBN
    978-1-4799-7425-2
  • Type
    conf
  • DOI
    10.1109/APSEC.2014.60
  • Filename
    7091331