Abstract
This paper describes a software product line approach to design secure connectors in distributed component-based software architectures. The variability of secure connectors is modelled by means of a feature model, which consists of security pattern and communication pattern features. Applying separation of concerns, each secure connector is designed as a composite component that encapsulates both security pattern and communication pattern components. Integration of these components within a secure connector is enabled by a security coordinator, the high-level template of which is customized based on the selected security pattern features.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Taylor, R.N., Medvidovic, N., Dashofy, E.M.: Software Architecture: Foundations, Theory, and Practice. Wiley, West Sussex (2010)
Shin, M.E., Gomaa, H.: Software modeling of evolution to a secure application: from requirements model to software architecture. Sci. Comput. Program. 66(1), 60–70 (2007)
Shin, M.E., Malhotra, B., Gomaa, H., Kang, T.: Connectors for secure software architectures. In: 24th International Conference on Software Engineering and Knowledge Engineering, pp. 394–399. Knowledge Systems Institute, San Francisco Bay (2012)
Shin, M.E., Gomaa, H., Pathirage, D., Baker, C., Malhotra, B.: Design of secure software architectures with secure connectors. Int. J. Software Eng. Knowl. Eng. 26(05), 769–805 (2016)
Shin, M., Gomaa, H., Pathirage, D.: Reusable secure connectors for secure software architecture. In: Kapitsaki, G.M., Santana de Almeida, E. (eds.) ICSR 2016. LNCS, vol. 9679, pp. 181–196. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-35122-3_13
Shin, M., Gomaa, H., Pathirage, D.: Model-based design of reusable secure connectors. In: 4th International Workshop on Interplay of Model-Driven and Component-Based Software Engineering (ModComp), Austin (2017)
Shin, M., Gomaa, H., Pathirage, D.: A software product line approach for feature modeling and design of secure connectors. In: The 13th International Conference on Software Technologies (ICSOFT). SciTePress, Porto (2018)
Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45800-X_33
Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45800-X_32
Basin, D., Clavel, M., Egea, M.: A decade of model-driven security. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, pp. 1–10. ACM, Innsbruck (2011)
Gomaa, H., Menascé, D.A., Shin, M.E.: Reusable component interconnection patterns for distributed software architectures. In: Proceedings of the 2001 Symposium on Software Reusability Putting Software Reuse in Context, pp. 69–77. ACM, Toronto (2001)
Gomaa, H.: Software Modeling and Design: UML, Use Cases, Patterns, and software Architectures. Cambridge University Press, Cambridge (2011)
Ren, J., Taylor, R., Dourish, P., Redmiles, D.: Towards an architectural treatment of software security. ACM SIGSOFT SoftW. Eng. Notes 30(4), 1–7 (2005)
Al-Azzani, S., Bahsoon, R.: SecArch: architecture-level evaluation and testing for security. In: Joint Working IEEE/IFIP Conference on Software Architecture and European Conference on Software Architecture, pp. 51–60. IEEE, Helsinki (2012)
Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating Security and Systems Engineering. Wiley, West Sussex (2006)
Fernandez-Buglioni, E.: Security Patterns in Practice: Designing Secure Architectures Using Software Patterns, 1st edn. Wiley, West Sussex (2013)
Gomaa, H.: Designing Software Product Lines with UML: From Use Cases to Pattern-Based Software Architectures. Addison-Wesley, Boston (2005)
Gomaa, H., Shin, M.E.: A multiple-view meta-modeling approach for variability management in software product lines. In: Bosch, J., Krueger, C. (eds.) ICSR 2004. LNCS, vol. 3107, pp. 274–285. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-27799-6_23
Gomaa, H., Shin, M.E.: Automated software product line engineering and product derivation. In: 40th Annual Hawaii International Conference on System Sciences, p. 285a. IEEE, Waikoloa (2007)
Gomaa, H., Shin, M.E.: Multiple-view modelling and meta-modelling of software product lines. IET Software 2(2), 94–122 (2008)
Gomaa, H., Shin, M.E.: Variability modeling in model-driven software product line engineering. In: Proceedings of the 2nd International Workshop on Model Driven Product Line Engineering (MDPLE 2010), Paris, p. 65 (2010)
Abu-Matar, M., Gomaa, H.: Variability modeling for service oriented product line architectures. In: 15th International Software Product Line Conference (SPLC), pp. 110–119. IEEE, Munich (2011)
Fant, J.S., Gomaa, H., Pettit, R.G.: Integrating and applying architectural design patterns in space flight software product lines. In: 10th International Joint Conference on Software Technologies (ICSOFT), vol. 1, pp. 1–11. IEEE, Colmar (2015)
Tzeremes, V., Gomaa, H.: Applying end user software product line engineering for smart spaces. In: Proceedings of the 51st Hawaii International Conference on System Sciences, Big Island, Hawaii (2018)
Gomaa, H., Hussein, M.: Software reconfiguration patterns for dynamic evolution of software architectures. In: Fourth Working IEEE/IFIP Conference on Software Architecture, Oslo (2004)
Gomaa, H., Hashimoto, K.: Dynamic software adaptation for service-oriented product lines. In: Fifth International Workshop on Dynamic Software Product Lines, Munich (2011)
Albassam, E., Gomaa, H., Menasce, D.: Variable recovery and adaptation connectors for dynamic software product lines. In: 10th International Workshop on Dynamic Software Product Lines, Sevilla, pp. 123–128 (2017)
Gomaa, H., Hashimoto, K., Kim, M., Malek, S., Menascé, D.A.: Software adaptation patterns for service-oriented architectures. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 462–469. ACM, Sierre (2010)
Albassam, E., Gomaa, H., Menascé, D.A.: Model-based recovery connectors for self-adaptation and self-healing. In: 11th International Joint Conference on Software Technologies, pp. 79–90. ICSOFT-EA, Lisbon (2016)
Albassam, E., Porter, J., Gomaa, H., Menascé, D.A.: DARE: a distributed adaptation and failure recovery framework for software architectures. In: 14th IEEE International Conference on Autonomic Computing and Communications (ICAC), Columbus (2017)
Farahmandian, S., Hoang, D.B.: SDS2: A novel software-defined security service for protecting cloud computing infrastructure. In: 16th International Symposium on Network Computing and Applications (NCA), pp. 1–8. IEEE, Boston (2017)
Taha, A., Trapero, R., Luna, J., Suri, N.: A framework for ranking cloud security services. In: International Conference on Services Computing (SCC), pp. 322–329. IEEE, Honolulu (2017)
Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 3rd edn. Prentice Hall, Upper Saddle River (2003)
Acknowledgements
This work was partially supported by the AFOSR grant FA9550-16-1-0030.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Shin, M., Gomaa, H., Pathirage, D. (2019). A Software Product Line Approach to Design Secure Connectors in Component-Based Software Architectures. In: van Sinderen, M., Maciaszek, L. (eds) Software Technologies. ICSOFT 2018. Communications in Computer and Information Science, vol 1077. Springer, Cham. https://doi.org/10.1007/978-3-030-29157-0_17
Download citation
DOI: https://doi.org/10.1007/978-3-030-29157-0_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29156-3
Online ISBN: 978-3-030-29157-0
eBook Packages: Computer ScienceComputer Science (R0)