DocumentCode
3459735
Title
A framework for an active interface to characterise compositional security contracts of software components
Author
Khan, Khaled ; Han, Jun ; Zheng, Yuliang
Author_Institution
Sch. of Comput. & IT, Univ. of Western Sydney, NSW, Australia
fYear
2001
fDate
2001
Firstpage
117
Lastpage
126
Abstract
This paper presents a framework for constructing compositional security contracts (CsC) based on the security property exposed by the atomic component. The framework uses interface structure of components in order to determine the CsC of software components. An active interface provides the component a basis for reasoning and assessing a component´s suitability to meet certain security requirements of a particular application. Based on the security information available from the component interface, an active interface can reason whether the candidate component meets the security requirements for an envisaged systemwide application. Any security mismatches or discrepancies between components can be identified by the participating components before an actual composition takes place. Exposing the security properties of software components can be the basis for a trust relationship among components, and the exposed security could affect the underlying security of the enclosing system
Keywords
certification; software engineering; active interface; atomic component; compositional security contracts; interface structure; security property; software components; trust relationship; Application software; Australia; Computer industry; Contracts; Industrial relations; Information security; Programming; Runtime; Software reusability; Sun;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Engineering Conference, 2001. Proceedings. 2001 Australian
Conference_Location
Canberra, ACT
ISSN
1530-0803
Print_ISBN
0-7695-1254-2
Type
conf
DOI
10.1109/ASWEC.2001.948505
Filename
948505
Link To Document