Open AccessA Framework based on Security Patterns for Transformations
Author(s) -
Fábio Sarturi Prass,
Lisandra Manzoni Fontoura,
Osmar Marchi dos Santos
Publication year - 2012
Language(s) - English
Resource type - Conference proceedings
DOI - 10.5753/sbqs.2012.15325
Subject(s) - computer science , computer security model , software security assurance , security testing , transformation (genetics) , software , software engineering , security service , security information and event management , computer security , information security , cloud computing security , cloud computing , programming language , operating system , biochemistry , chemistry , gene
Security Patterns can be used in systems to protect shared data and information. They use the security specifications for controlling access to resources and prevent security violations. The increasing complexity of systems and the natural growth in the cost required to develop software, make the search for alternatives that can shorten the development effort becomes increasingly important. One of these initiatives is the MDA approach that allows modeling and application of transformations on the models in order to obtain the software in an automated way. Therefore, we propose a framework based on security patterns oriented model, providing guidelines for implementation of the application model, the validation of the correct use of patterns and the automatic generation for a specific platform. Security is implicitly inserted in the system by means of the transformation between models and automatic encoding, ensuring that security will not be violated at any level and will not be susceptible to errors or alterations in the code.