Open Access
A Framework for Composable Security Definition, Assurance, and Enforcement
Author(s) - Jaime A. Pavlich-Mariscal, S. A. Demurjian, Laurent Michel
Publication year - 2006
Publication title - Lecture Notes in Computer Science
Language(s) - English
Resource type - Book series
SCImago Journal Rank - 0.249
H-Index - 400
eISSN - 1611-3349
pISSN - 0302-9743
ISBN - 3-540-31780-5
DOI - 10.1007/11663430_41
Subject(s) - computer science, enforcement, computer security, software security assurance, information assurance, software engineering, information security, programming language, security service, political science, law
The objective of this research is to develop techniques that integrate alternative security concerns (e.g., mandatory access control, delegation, authentication) into the software process. A framework is proposed to achieve composable security definition, assurance, and enforcement via a model-driven approach that preserves separation of security concerns from modeling through implementation, and provides mechanisms to compose these concerns into the application, while maintaining consistency between design models and code. At modeling time, separation of concerns (e.g., RBAC, MAC, delegation, authorization) is emphasized by defining concern-specific modeling languages. At the implementation level, aspect-oriented programming (AOP) transitions security concerns into modularized code that enforces each concern. This research assumes the use of an underlying object-oriented language with aspect-oriented extensions, and infrastructure to implement the applications and support secure access to the public methods of classes, e.g., Java with AspectJ or C++ with AspectC++.
