Title :
A process framework for characterising security properties of component-based software systems
Author :
Khan, Khaled M. ; Han, Jun
Author_Institution :
Sch. of Comput. & IT, Univ. of Western Sydney, Penrith, NSW, Australia
Abstract :
We present a security characterisation process framework for software components and their compositions in order to address the issue of trust in component based software. The process is based on the idea of publishing trust related properties of software components in machine readable as well as understandable form at the component level and incorporating such properties with runtime composition of the application system. We explore the actual process involved in specifying publishable security properties of atomic components, component certification, reasoning about compositional security contracts, and characterising ultimate systems-level security properties to inspire trust in software components.
Keywords :
object-oriented programming; security of data; software process improvement; atomic component; component-based software system; compositional security contract; publishable security property; security characterisation process framework; system-level security; trust related property; Application software; Australia; Computer architecture; Information security; Information technology; Internet; Publishing; Runtime; Software engineering; Software systems;
Conference_Titel :
Software Engineering Conference, 2004. Proceedings. 2004 Australian
Print_ISBN :
0-7695-2089-8
DOI :
10.1109/ASWEC.2004.1290489
