Aspect-oriented Security Engineering: A Model-based Approach
Engineering secure systems is an error-prone process, where any decision margin potentially favors critical implementation faults. To this end, formal security models serve as an abstract basis for verifying security properties. Unfortunately, the potential for human error in engineering and analyzi...
| Format: | E-book |
|---|---|
| Language: | English |
| Publication details: | Cuvillier Verlag, 2019 |
| ISBN: | 9783736989801, 3736989806 |
| Online access: | Get full text |
| Abstract | Engineering secure systems is an error-prone process, where any decision margin potentially favors critical implementation faults. To this end, formal security models serve as an abstract basis for verifying security properties. Unfortunately, the potential for human error in engineering and analyzing such models is still considerable. This work seeks to mitigate this problem. We identified semantic gaps between security requirements, informal security policies, and security models as a major source of error. Our goal is then based on this observation: to support error-minimizing design decisions by bridging such gaps. Due to the broad range of security-critical application domains, no single modeling framework may achieve this. We therefore adopt the idea of aspect-oriented software development to tailor the formal part of a security engineering process towards security requirements of the system. Our method, termed aspect-oriented security engineering, is based on the idea of keeping each step in this process well-defined, small, and monotonic in terms of the degree of formalism. Our practical results focus on two use cases: first, model engineering for operating systems and middleware security policies; second, model analysis of runtime properties related to potential privilege escalation. We eventually combine both use cases to present a model-based reengineering approach for the access control system of Security-Enhanced Linux (SELinux). |
|---|---|
| ContentType | eBook |
| DBID | YSPEL |
| DatabaseName | Perlego |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| ExternalDocumentID | 3155666 |
| Genre | Electronic books |
| ISBN | 9783736989801 3736989806 |
| IngestDate | Tue Dec 02 17:53:31 EST 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | OpenURL |
| PageCount | 260 pages |
| ParticipantIDs | perlego_books_3155666 |
| PublicationCentury | 2000 |
| PublicationDate | 2019 |
| PublicationDateYYYYMMDD | 2019-01-01 |
| PublicationDecade | 2010 |
| PublicationYear | 2019 |
| Publisher | Cuvillier Verlag |
| SourceID | perlego |
| SourceType | Publisher |
| Subtitle | A Model-based Approach |
| Title | Aspect-oriented Security Engineering |
| URI | https://www.perlego.com/book/3155666/aspectoriented-security-engineering-a-modelbased-approach-pdf |
| linkProvider | ProQuest Ebooks |

