Towards Language Support for Model-based Security Policy Engineering

被引:2
|
作者
Amthor, Peter [1 ]
Schlegel, Marius [1 ]
机构
[1] Tech Univ Ilmenau, Ilmenau, Germany
来源
PROCEEDINGS OF THE 17TH INTERNATIONAL JOINT CONFERENCE ON E-BUSINESS AND TELECOMMUNICATIONS (SECRYPT), VOL 1 | 2020年
关键词
Software Engineering; Security Engineering; Security Policies; Security Models; Specification Languages; Domain-specific Languages; Automatic Translation;
D O I
10.5220/0009893205130521
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Software engineering for security-critical systems is based on manual translations between languages from different domains: an informal security policy is translated to a formally verifiable model, and further to actual source code. This is an error-prone task, put at the risk of losing hard-acquired correctness guarantees. To mitigate this problem, we argue for a methodical support by domain-specific languages and tools. We present ongoing work on two languages that substantiate this thesis, including their usage in a practical setting, and discuss the benefits from combining them with appropriate tool support.
引用
收藏
页码:513 / 521
页数:9
相关论文
共 50 条
  • [31] Tool support for model-based engineering of web service compositions
    Foster, H
    Uchitel, S
    Magee, J
    Kramer, J
    [J]. 2005 IEEE International Conference on Web Services, Vols 1 and 2, Proceedings, 2005, : 95 - 102
  • [32] Model-based security testing Deriving test models from artefacts of security engineering
    Lunkeit, Armin
    Schieferdecker, Ina
    [J]. 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW), 2018, : 244 - 251
  • [33] Multi-layered Model-based Design Approach towards System Safety and Security Co-engineering
    Quamara, Megha
    Pedroza, Gabriel
    Hamid, Brahim
    [J]. 24TH ACM/IEEE INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING LANGUAGES AND SYSTEMS COMPANION (MODELS-C 2021), 2021, : 276 - 285
  • [34] Towards an Extensible Architecture and Tool Support for Model-based Verification
    Delgado, David
    Burgueno, Lola
    Camara, Javier
    Troya, Javier
    [J]. 2023 ACM/IEEE INTERNATIONAL CONFERENCE ON MODEL DRIVEN ENGINEERING LANGUAGES AND SYSTEMS COMPANION, MODELS-C, 2023, : 806 - 810
  • [35] A Model-Based Systems Engineering Plugin for Cloud Security Architecture Design
    Yuri Gil Dantas
    Vivek Nigam
    Ulrich Schöpp
    [J]. SN Computer Science, 5 (5)
  • [36] Model-based security engineering of distributed information systems using UMLsec
    Best, Bastian
    Jurjens, Jan
    Nuseibeh, Bashar
    [J]. ICSE 2007: 29TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, PROCEEDINGS, 2007, : 581 - +
  • [37] Sound methods and effective tools for model-based security engineering with UML
    Jürjens, J
    [J]. ICSE 05: 27TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, PROCEEDINGS, 2005, : 322 - 331
  • [38] Specification of Information Flow Security Policies in Model-Based Systems Engineering
    Gerking, Christopher
    [J]. SOFTWARE TECHNOLOGIES: APPLICATIONS AND FOUNDATIONS, 2018, 11176 : 617 - 632
  • [39] SCDML: A Language for Conceptual Data Modeling in Model-based Systems Engineering
    Hennig, Christian
    Hoppe, Tobias
    Eisenmann, Harald
    Viehl, Alexander
    Bringmann, Oliver
    [J]. PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING AND SOFTWARE DEVELOPMENT (MODELSWARD 2016), 2016, : 184 - 192
  • [40] An Integrated Intelligent Modeling and Simulation Language for Model-based Systems Engineering
    Zhang, Lin
    Ye, Fei
    Xie, Kunyu
    Gu, Pengfei
    Wang, Xiaohan
    Laili, Yuanjun
    Zhao, Chun
    Zhang, Xuesong
    Chen, Minjie
    Lin, Tingyu
    Chen, Zhen
    [J]. JOURNAL OF INDUSTRIAL INFORMATION INTEGRATION, 2022, 28
12345