Security and Dependability Engineering

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 45))

Abstract

The current state of the art in security-critical ambient systems is far from satisfactory: new security vulnerabilities are discovered on an almost daily basis. To improve this situation, there has recently been a lot of work on techniques and tools supporting the development of trustworthy security-critical software, in particular for dynamic systems in an ambient environment. This chapter gives an overview of the field of security and dependability engineering, with an emphasis on ambient system security and on current advances based on model-based development using UML that provide strong assurance results. We give examples of security flaws found in industrial software using such tools and briefly discuss some open research issues.

References

  1. Agreiter B, Alam M, Hafner M, Seifert J-P, and Zhang X (2007). Model driven configuration of secure operating systems for mobile applications in healthcare. In Sztipanovits et al. [83].

  2. Alam M, Hafner M, and Breu R (2007). Model-driven security engineering for trust management in SECTET. Journal of Software, 2(1).

  3. Alam M, Hafner M, Memon M, and Hung P (2007). Modeling and enforcing advanced access control policies in healthcare systems with SECTET. In Sztipanovits et al. [83].

  4. Anderson R (2001). Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley & Sons, New York.

  5. Apvrille A and Pourzandi M (2005). Secure software development by example. IEEE Security & Privacy, 3(4):10–17.

  6. Arenas A, Aziz B, Bicarregui J, Matthews B, and Yang EY (2008). Modelling security properties in a grid-based operating system with anti-goals. In ARES [42]: 1429–1436.

  7. Basin DA, Clavel M, Doser J, and Egea M (2007). A metamodel-based approach for analyzing security-design models. In MoDELS 2007: 420–435.

  8. Breu R, Burger K, Hafner M, Jürjens J, Popp G, Wimmel G, and Lotz V (2003). Key issues of a formally based process model for security engineering. In 16th International Conference on Software & Systems Engineering & their Applications (ICSSEA 2003).

  9. Baldwin A, Beres Y, Shiu S, and Kearney P (2006). A model based approach to trust, security and assurance. BT Technology Journal, 24(4):53–68.

  10. Basin DA, Doser J, and Lodderstedt T (2006). Model driven security: From UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol., 15(1):39–91.

  11. Bauer A and Jürjens J (2008). Security protocols, properties, and their monitoring. In De Win B, Lee S-W, and Monga M, editors, SESS: 33–40. ACM.

  12. Best B, Jürjens J, and Nuseibeh B (2007). Model-based security engineering of distributed information systems using UMLsec. In ICSE. ACM.

  13. Bhargavan K, Fournet C, Gordon AD, and Tse S (2006). Verified interoperable implementations of security protocols. In CSFW: 139–152. IEEE Computer Society.

  14. Blobel B, Nordberg R, Davis JM, and Pharow P (2006). Modelling privilege management and access control. International Journal of Medical Informatics, 75(8):597–623.

  15. Blobel B and Pharow P (2007). A model-driven approach for the German health telematics architectural framework and security infrastructure. International Journal of Medical Informatics, 76(2–3):169–175.

  16. Boehm BW (1981). Software Engineering Economics. Prentice Hall, Englewood Cliffs, NJ.

  17. Brucker AD, Doser J, and Wolff B (2006). A model transformation semantics and analysis methodology for SecureUML. In MoDELS 2006, volume 4199 of LNCS: 306–320. Springer.

  18. Buchholtz M, Gilmore S, Haenel V, and Montangero C (2005). End-to-end integrated security and performance analysis on the DEGAS Choreographer Platform. In FM 2005, volume 3582 of LNCS: 286–301. Springer.

  19. Crook R, Ince DC, Lin L, and Nuseibeh B (2002). Security requirements engineering: When anti-requirements hit the fan. In RE 2002: 203–205. IEEE.

  20. Daskala B and Maghiros I (2007). Digital Territories – Towards the protection of public and private space in a digital and Ambient Intelligence environment. Institute for Prospective Technological Studies (IPTS).

  21. Deubler M, Grünbauer J, Jürjens J, and Wimmel G (2004). Sound development of secure service-based systems. In ICSOC 2004: 115–124. ACM.

  22. Devanbu P and Stubblebine S (2000). Software engineering for security: a roadmap. In The Future of Software Engineering (ICSE 2000): 227–239.

  23. Dimitrakos T, Ritchie B, Raptis D, Aagedal JØ, den Braber F, Stølen K, and Houmb SH (2002). Integrating model-based security risk management into e-business systems development: The CORAS approach. In Second IFIP Conference on E-Commerce, E-Business, E-Government (I3E 2002): 159–175. Kluwer.

  24. Eckert C and Marek D (1997). Developing secure applications: A systematic approach. In 13th International Conference on Information Security (SEC 1998): 267–279.

  25. Elahi G and Yu E (2007). A goal oriented approach for modeling and analyzing security trade-offs. In ER 2007, volume 4801 of LNCS: 375–390. Springer.

  26. Fernandez EB and Hawkins JC (1997). Determining role rights from use cases. In Workshop on Role-Based Access Control: 121–125. ACM.

  27. Fernandez EB, Larrondo-Petrie MM, Sorgente T, and VanHilst M (2006). A methodology to develop secure systems using patterns. In Mouratidis H and Giorgini P, editors, Integrating Security and Software Engineering: Advances and Future Vision, chapter 5: 107–126. IDEA Press.

  28. Fernández-Medina E and Piattini M (2004). Extending OCL for secure database development. In UML 2004, LNCS: 380–394. Springer.

  29. Flechais I, Mascolo C, and Sasse MA (2007). Integrating security and usability into the requirements and design process. International Journal of Electronic Security and Digital Forensics, 1(1):12–26.

  30. Model-driven security: Enabling a real-time, adaptive security infrastructure. Gartner Briefing G00151498, 21 Sep. 2007.

  31. Gilmore S, Haenel V, Kloul L, and Maidl M (2005). Choreographing security and performance analysis for web services. In EPEW/WS-FM 2005, volume 3670 of LNCS: 200–214. Springer.

  32. Giorgini P, Massacci F, and Mylopoulos J (2003). Requirement engineering meets security: A case study on modelling secure electronic transactions by VISA and Mastercard. In Song I-Y, Liddle SW, Ling TW, and Scheuermann P, editors, 22nd International Conference on Conceptual Modeling (ER 2003), volume 2813 of LNCS: 263–276. Springer.

  33. Giorgini P, Massacci F, Mylopoulos J, and Zannone N (2005). Modeling security requirements through ownership, permission and delegation. In RE: 167–176. IEEE Computer Society.

  34. Gollmann D (2000). On the verification of cryptographic protocols – a tale of two committees. In Schneider S and Ryan P, editors, Workshop on Security Architectures and Information Flow, volume 32 of ENTCS. Elsevier.

  35. Goubault-Larrecq J and Parrennes F (2005). Cryptographic protocol analysis on real C code. In VMCAI 2005, LNCS. Springer.

  36. Gürgens S and Peralta R (2000). Validation of cryptographic protocols by efficient automated testing. In Etheredge JN and Manaris BZ, editors, FLAIRS Conference: 7–12. AAAI Press.

  37. Haley CB, Laney RC, Moffett JD, and Nuseibeh B (2008). Security requirements engineering: A framework for representation and analysis. IEEE Trans. Software Eng., 34(1):133–153.

  38. Haneberg D, Reif W, and Stenzel K (2002). A method for secure smartcard applications. In Kirchner H and Ringeissen C, editors, AMAST, volume 2422 of LNCS: 319–333. Springer.

  39. Heldal R and Hultin F (2003). Bridging model-based and language-based security. In Snekkenes E and Gollmann D, editors, 8th European Symposium on Research in Computer Security (ESORICS 2003), volume 2808 of LNCS: 235–252. Springer.

  40. Höhn S and Jürjens J (2008). Rubacon: automated support for model-based compliance engineering. In Robby, editor, ICSE: 875–878. ACM.

  41. Houmb SH, Georg G, France RB, Bieman JM, and Jürjens J (2005). Cost-benefit trade-off analysis using BBN for aspect-oriented risk-driven development. In ICECCS: 195–204. IEEE Computer Society.

  42. IEEE (2008). 3rd International Conference on Availability, Reliability and Security (ARES 2008).

  43. Jayaram KR and Mathur A (2005). Software engineering for secure software – state of the art: A survey. Technical Report CERIAS-TR-2005-67, SERC-TR-279, CERIAS, Purdue.

  44. Jürjens J (2000). Secure information flow for concurrent processes. In Palamidessi C, editor, CONCUR 2000 (11th International Conference on Concurrency Theory), volume 1877 of LNCS: 395–409. Springer.

  45. Jürjens J (2001). Secrecy-preserving refinement. In International Symposium on Formal Methods Europe (FME), volume 2021 of LNCS: 135–152. Springer.

  46. Jürjens J (2001). Towards development of secure systems using UMLsec. In Hußmann H, editor, 4th International Conference on Fundamental Approaches to Software Engineering (FASE), volume 2029 of LNCS: 187–200. Springer. Also Oxford University Computing Laboratory TR-9-00 (November 2000), http://web.comlab.ox.ac.uk/oucl/publications/tr/tr-9-00.html

  47. Jürjens J (2002). UMLsec: Extending UML for secure systems development. In 5th International Conference on the Unified Modeling Language (UML), LNCS. Springer.

  48. Jürjens J (2002). Formal semantics for interacting UML subsystems. In Formal Methods for Open Object-Based Distributed Systems (FMOODS 2002), IFIP, Kluwer: 29–43.

  49. Jürjens J and Shabalin P (2004). Automated verification of UMLsec models for security requirements. In 7th International Conference on the Unified Modeling Language (UML 2004), LNCS: 142–155. Springer.

  50. Jürjens J (2005). Secure Systems Development with UML. Springer.

  51. Jürjens J (2005). Sound methods and effective tools for model-based security engineering with UML. In 27th International Conference on Software Engineering (ICSE). IEEE.

  52. Jürjens J (2006). Security analysis of crypto-based Java programs using automated theorem provers. In Easterbrook S and Uchitel S, editors, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE 2006). ACM.

  53. Jürjens J (2009). A domain-specific language for cryptographic protocols based on streams. Journal of Logic and Algebraic Programming (JLAP): 54–73. To appear.

  54. Jürjens J and Rumm R (2008). Model-based security analysis of the German Health Card architecture. Methods of Information in Medicine, 47(5):409–416. Special section on Model-based Development of Trustworthy Health Information Systems.

  55. Jürjens J and Shabalin P (2007). Tools for secure systems development with UML. International Journal on Software Tools for Technology Transfer, 9(5–6):527–544. Invited submission to the special issue for FASE 2004/05.

  56. Jürjens J and Wimmel G (2001). Security modelling for electronic commerce: The Common Electronic Purse Specifications. In Towards the E-Society: E-Commerce, E-Business, and E-Government. First IFIP Conference on E-Commerce, E-Business, and E-Government (I3E 2001). IFIP, Kluwer Academic Publishers: 489–506.

  57. Jürjens J and Yampolskiy M (2005). Code security analysis with assertions. In Redmiles DF, Ellman T, and Zisman A, editors, 20th IEEE/ACM International Conference on Automated Software Engineering (ASE 2005): 392–395. ACM.

  58. Kearney P and Brügger L (2007). A risk-driven security analysis method and modelling language. BT Technology Journal, 25(1).

  59. Koch M and Parisi-Presicce F (2006). UML specification of access control policies and their formal verification. Software and System Modeling, 5(4):429–447.

  60. Kolarczyk S, Koch M, Löhr K-P, and Pauls K (2006). SecTOOL – supporting requirements engineering for access control. In Müller G, editor, ETRICS, volume 3995 of LNCS: 254–267. Springer.

  61. Lotz V (1997). Threat scenarios as a means to formally develop secure systems. Journal of Computer Security, 5(1):31–68.

  62. Maña A, Montenegro JA, Rudolph C, and Vivas JL (2003). A business process-driven approach to security engineering. In DEXA Workshops: 477–481. IEEE Computer Society.

  63. Maña A, Rudolph C, Spanoudakis G, Lotz V, Massacci F, Melideo M, and López-Cobo J-M (2006). Security engineering for Ambient Intelligence: A manifesto. In Mouratidis H, editor, Integrating Security and Software Engineering: Advances and Future Vision. Idea Group.

  64. Massacci F, Mylopoulos J, and Zannone N (2007). Computer-aided support for Secure Tropos. Autom. Softw. Eng., 14(3):341–364.

  65. Mathe J, Duncavage S, Werner J, Malin B, Ledeczi A, and Sztipanovits J (2007). Implementing a model-based design environment for clinical information systems. In Sztipanovits et al. [83].

  66. McGraw G (2006). Software Security: Building Security In. Addison-Wesley.

  67. Méry D and Merz S (2007). Specification and refinement of access control. J. UCS, 13(8):1073–1093.

  68. Moebius N, Haneberg D, Reif W, and Schellhorn G (2007). A modeling framework for the development of provably secure e-commerce applications. In ICSEA: 8. IEEE Computer Society.

  69. Mouratidis H, Giorgini P, and Manson GA (2003). Integrating security and systems engineering: Towards the modelling of secure information systems. In Eder J and Missikoff M, editors, 15th International Conference on Advanced Information Systems Engineering (CAiSE 2003), volume 2681 of LNCS: 63–78. Springer.

  70. Mouratidis H, Jürjens J, and Fox J (2006). Towards a comprehensive framework for secure systems development. In 18th International Conference on Advanced Information Systems Engineering (CAiSE 2006), LNCS. Springer.

  71. Pironti A and Sisto R (2008). Soundness conditions for message encoding abstractions in formal security protocol models. In ARES 2008: 72–79.

  72. Ray I, France RB, Li N, and Georg G (2004). An aspect-based approach to modeling access control concerns. Information & Software Technology, 46(9):575–587.

  73. Redwine S (2007). Introduction to modeling tools for software security. In: Build Security In – Setting a Higher Standard for Software Assurance. Software Engineering Institute (SEI), Carnegie Mellon University. Available at https://buildsecurityin.us-cert.gov/daisy/bsi/articles/tools/modeling/698-BSI.html

  74. Rosado DG, Fernández-Medina E, Piattini M, and Gutiérrez C (2006). A study of security architectural patterns. In ARES: 358–365. IEEE Computer Society.

  75. Saltzer J and Schroeder M (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278–1308.

  76. Santen T (2006). Stepwise development of secure systems. In Górski J, editor, SAFECOMP, volume 4166 of LNCS: 142–155. Springer.

  77. Santen T, Heisel M, and Pfitzmann A (2002). Confidentiality-preserving refinement is compositional – sometimes. In Gollmann D, Karjoth G, and Waidner M, editors, ESORICS, volume 2502 of LNCS: 194–211. Springer.

  78. Schneider F, editor (1999). Trust in Cyberspace. National Academy Press, Washington, DC. Available at http://www.nap.edu/readingroom/books/trust

  79. Seehusen F and Stølen K (2006). Information flow property preserving transformation of UML interaction diagrams. In Ferraiolo DF and Ray I, editors, SACMAT: 150–159. ACM.

  80. Sindre G and Opdahl AL (2005). Eliciting security requirements with misuse cases. Requir. Eng., 10(1):34–44.

  81. Siveroni I, Zisman A, and Spanoudakis G (2008). Property specification and static verification of UML models. In 3rd International Conference on Availability, Reliability, and Security (ARES 2008).

  82. Spanoudakis G, Kloukinas C, and Androutsopoulos K (2007). Towards security monitoring patterns. In SAC: 1518–1525. ACM.

  83. Sztipanovits J, Breu R, Ammenwerth E, Bajcsy R, Mitchell JC, and Pretschner A, editors (2007). Workshop on Model-based Trustworthy Health Information Systems (MOTHIS@Models).

  84. UMLsec group (2004). Security analysis tool. http://www.umlsec.org

  85. Whittle J, Wijesekera D, and Hartong M (2008). Executable misuse cases for modeling security concerns. In ICSE 2008.

  86. Whyte B and Harrison J (2008). Secure software development – a white paper. Knowledge Transfer Network on Cyber Security, UK. Available at http://www.ktn.qinetiq-tim.net/content/files/groups/securesoft/SSDSIG_softwareSecurityFailures.pdf

  87. Wimmel G and Jürjens J (2002). Specification-based test generation for security-critical systems using mutations. In International Conference on Formal Engineering Methods (ICFEM), volume 2495 of LNCS: 471–482. Springer.

  88. Wirsing M (2008). Software engineering for secure software-intensive systems. Consultation meeting on "Engineering Secure Software Systems" in the context of the preparation of the EU FP7 ICT work programme 2009–2010, Brussels. Presentation available at ftp://ftp.cordis.europa.eu/pub/fp7/ict/docs/security/20080423-martin-wirsing-lmu-munich_en.pdf

  89. Woodside M, Petriu DC, Petriu DB, Xu J, Israr T, Georg G, France R, Bieman JM, Houmb SH, and Jürjens J (2008). Performance analysis of security aspects by weaving scenarios from UML models. Journal of Systems and Software, 82(1):56–74.

  90. Yoshioka N, Honiden S, and Finkelstein A (2004). Security patterns: A method for constructing secure and efficient inter-company coordination systems. In EDOC: 84–97.

  91. Yskout K, Scandariato R, De Win B, and Joosen W (2008). Transforming security requirements into architecture. In ARES [42]: 1421–1428.

  92. Yu Y, Jürjens J, and Mylopoulos J (2008). Traceability for the maintenance of secure software. In 24th International Conference on Software Maintenance (ICSM). IEEE.

  93. Zhang G, Baumeister H, Koch N, and Knapp A (2005). Aspect-oriented modeling of access control in web applications. In 6th International Workshop on Aspect-Oriented Modeling.


© 2009 Springer-Verlag US

Cite this chapter

Jürjens, J. (2009). Security and Dependability Engineering. In: Kokolakis, S., Gómez, A., Spanoudakis, G. (eds) Security and Dependability for Ambient Intelligence. Advances in Information Security, vol 45. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-88775-3_2

  • DOI: https://doi.org/10.1007/978-0-387-88775-3_2

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-88774-6

  • Online ISBN: 978-0-387-88775-3
