A process framework for characterising security properties of component-based software systems

Author

Khan, Khaled M. ; Han, Jun

Author_Institution

Sch. of Comput. & IT, Univ. of Western Sydney, Penrith, NSW, Australia

fYear

2004

fDate

2004

Firstpage

358

Lastpage

367

Abstract

We present a security characterisation process framework for software components and their compositions in order to address the issue of trust in component based software. The process is based on the idea of publishing trust related properties of software components in machine readable as well as understandable form at the component level and incorporating such properties with runtime composition of the application system. We explore the actual process involved in specifying publishable security properties of atomic components, component certification, reasoning about compositional security contracts, and characterising ultimate systems-level security properties to inspire trust in software components.

Keywords

object-oriented programming; security of data; software process improvement; atomic component; component-based software system; compositional security contract; publishable security property; security characterisation process framework; system-level security; trust related property; Application software; Australia; Computer architecture; Information security; Information technology; Internet; Publishing; Runtime; Software engineering; Software systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering Conference, 2004. Proceedings. 2004 Australian

Print_ISBN

0-7695-2089-8

Type

conf

DOI

10.1109/ASWEC.2004.1290489

Filename

1290489