Skip to main content
SpringerLink
Log in

A Software Product Line Approach to Design Secure Connectors in Component-Based Software Architectures

  • Conference paper
  • First Online:
Software Technologies (ICSOFT 2018)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1077))

Included in the following conference series:

Abstract

This paper describes a software product line approach to design secure connectors in distributed component-based software architectures. The variability of secure connectors is modelled by means of a feature model, which consists of security pattern and communication pattern features. Applying separation of concerns, each secure connector is designed as a composite component that encapsulates both security pattern and communication pattern components. Integration of these components within a secure connector is enabled by a security coordinator, the high-level template of which is customized based on the selected security pattern features.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Taylor, R.N., Medvidovic, N., Dashofy, E.M.: Software Architecture: Foundations, Theory, and Practice. Wiley, West Sussex (2010)

    Google Scholar 

  2. Shin, M.E., Gomaa, H.: Software modeling of evolution to a secure application: from requirements model to software architecture. Sci. Comput. Program. 66(1), 60–70 (2007)

    Article  Google Scholar 

  3. Shin, M.E., Malhotra, B., Gomaa, H., Kang, T.: Connectors for secure software architectures. In: 24th International Conference on Software Engineering and Knowledge Engineering, pp. 394–399. Knowledge Systems Institute, San Francisco Bay (2012)

    Google Scholar 

  4. Shin, M.E., Gomaa, H., Pathirage, D., Baker, C., Malhotra, B.: Design of secure software architectures with secure connectors. Int. J. Software Eng. Knowl. Eng. 26(05), 769–805 (2016)

    Article  Google Scholar 

  5. Shin, M., Gomaa, H., Pathirage, D.: Reusable secure connectors for secure software architecture. In: Kapitsaki, G.M., Santana de Almeida, E. (eds.) ICSR 2016. LNCS, vol. 9679, pp. 181–196. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-35122-3_13

    Chapter  Google Scholar 

  6. Shin, M., Gomaa, H., Pathirage, D.: Model-based design of reusable secure connectors. In: 4th International Workshop on Interplay of Model-Driven and Component-Based Software Engineering (ModComp), Austin (2017)

    Google Scholar 

  7. Shin, M., Gomaa, H., Pathirage, D.: A software product line approach for feature modeling and design of secure connectors. In: The 13th International Conference on Software Technologies (ICSOFT). SciTePress, Porto (2018)

    Google Scholar 

  8. Lodderstedt, T., Basin, D., Doser, J.: SecureUML: a UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45800-X_33

    Chapter  MATH  Google Scholar 

  9. Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45800-X_32

    Chapter  MATH  Google Scholar 

  10. Basin, D., Clavel, M., Egea, M.: A decade of model-driven security. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, pp. 1–10. ACM, Innsbruck (2011)

    Google Scholar 

  11. Gomaa, H., Menascé, D.A., Shin, M.E.: Reusable component interconnection patterns for distributed software architectures. In: Proceedings of the 2001 Symposium on Software Reusability Putting Software Reuse in Context, pp. 69–77. ACM, Toronto (2001)

    Google Scholar 

  12. Gomaa, H.: Software Modeling and Design: UML, Use Cases, Patterns, and software Architectures. Cambridge University Press, Cambridge (2011)

    Book  Google Scholar 

  13. Ren, J., Taylor, R., Dourish, P., Redmiles, D.: Towards an architectural treatment of software security. ACM SIGSOFT SoftW. Eng. Notes 30(4), 1–7 (2005)

    Article  Google Scholar 

  14. Al-Azzani, S., Bahsoon, R.: SecArch: architecture-level evaluation and testing for security. In: Joint Working IEEE/IFIP Conference on Software Architecture and European Conference on Software Architecture, pp. 51–60. IEEE, Helsinki (2012)

    Google Scholar 

  15. Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating Security and Systems Engineering. Wiley, West Sussex (2006)

    Google Scholar 

  16. Fernandez-Buglioni, E.: Security Patterns in Practice: Designing Secure Architectures Using Software Patterns, 1st edn. Wiley, West Sussex (2013)

    Google Scholar 

  17. Gomaa, H.: Designing Software Product Lines with UML: From Use Cases to Pattern-Based Software Architectures. Addison-Wesley, Boston (2005)

    Book  Google Scholar 

  18. Gomaa, H., Shin, M.E.: A multiple-view meta-modeling approach for variability management in software product lines. In: Bosch, J., Krueger, C. (eds.) ICSR 2004. LNCS, vol. 3107, pp. 274–285. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-27799-6_23

    Chapter  Google Scholar 

  19. Gomaa, H., Shin, M.E.: Automated software product line engineering and product derivation. In: 40th Annual Hawaii International Conference on System Sciences, p. 285a. IEEE, Waikoloa (2007)

    Google Scholar 

  20. Gomaa, H., Shin, M.E.: Multiple-view modelling and meta-modelling of software product lines. IET Software 2(2), 94–122 (2008)

    Article  Google Scholar 

  21. Gomaa, H., Shin, M.E.: Variability modeling in model-driven software product line engineering. In: Proceedings of the 2nd International Workshop on Model Driven Product Line Engineering (MDPLE 2010), Paris, p. 65 (2010)

    Google Scholar 

  22. Abu-Matar, M., Gomaa, H.: Variability modeling for service oriented product line architectures. In: 15th International Software Product Line Conference (SPLC), pp. 110–119. IEEE, Munich (2011)

    Google Scholar 

  23. Fant, J.S., Gomaa, H., Pettit, R.G.: Integrating and applying architectural design patterns in space flight software product lines. In: 10th International Joint Conference on Software Technologies (ICSOFT), vol. 1, pp. 1–11. IEEE, Colmar (2015)

    Google Scholar 

  24. Tzeremes, V., Gomaa, H.: Applying end user software product line engineering for smart spaces. In: Proceedings of the 51st Hawaii International Conference on System Sciences, Big Island, Hawaii (2018)

    Google Scholar 

  25. Gomaa, H., Hussein, M.: Software reconfiguration patterns for dynamic evolution of software architectures. In: Fourth Working IEEE/IFIP Conference on Software Architecture, Oslo (2004)

    Google Scholar 

  26. Gomaa, H., Hashimoto, K.: Dynamic software adaptation for service-oriented product lines. In: Fifth International Workshop on Dynamic Software Product Lines, Munich (2011)

    Google Scholar 

  27. Albassam, E., Gomaa, H., Menasce, D.: Variable recovery and adaptation connectors for dynamic software product lines. In: 10th International Workshop on Dynamic Software Product Lines, Sevilla, pp. 123–128 (2017)

    Google Scholar 

  28. Gomaa, H., Hashimoto, K., Kim, M., Malek, S., Menascé, D.A.: Software adaptation patterns for service-oriented architectures. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 462–469. ACM, Sierre (2010)

    Google Scholar 

  29. Albassam, E., Gomaa, H., Menascé, D.A.: Model-based recovery connectors for self-adaptation and self-healing. In: 11th International Joint Conference on Software Technologies, pp. 79–90. ICSOFT-EA, Lisbon (2016)

    Google Scholar 

  30. Albassam, E., Porter, J., Gomaa, H., Menascé, D.A.: DARE: a distributed adaptation and failure recovery framework for software architectures. In: 14th IEEE International Conference on Autonomic Computing and Communications (ICAC), Columbus (2017)

    Google Scholar 

  31. Farahmandian, S., Hoang, D.B.: SDS2: A novel software-defined security service for protecting cloud computing infrastructure. In: 16th International Symposium on Network Computing and Applications (NCA), pp. 1–8. IEEE, Boston (2017)

    Google Scholar 

  32. Taha, A., Trapero, R., Luna, J., Suri, N.: A framework for ranking cloud security services. In: International Conference on Services Computing (SCC), pp. 322–329. IEEE, Honolulu (2017)

    Google Scholar 

  33. Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 3rd edn. Prentice Hall, Upper Saddle River (2003)

    MATH  Google Scholar 

Download references

Acknowledgements

This work was partially supported by the AFOSR grant FA9550-16-1-0030.

Author information

Authors and Affiliations

  1. Department of Computer Science, Texas Tech University, Lubbock, TX, USA

    Michael Shin & Don Pathirage

  2. Department of Computer Science, George Mason University, Fairfax, VA, USA

    Hassan Gomaa

Authors
  1. Michael Shin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hassan Gomaa
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Don Pathirage
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michael Shin .

Editor information

Editors and Affiliations

  1. Information Systems Group, University of Twente, Enschede, The Netherlands

    Marten van Sinderen

  2. Wrocław University of Economics, Wrocław, Poland

    Leszek A. Maciaszek

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Shin, M., Gomaa, H., Pathirage, D. (2019). A Software Product Line Approach to Design Secure Connectors in Component-Based Software Architectures. In: van Sinderen, M., Maciaszek, L. (eds) Software Technologies. ICSOFT 2018. Communications in Computer and Information Science, vol 1077. Springer, Cham. https://doi.org/10.1007/978-3-030-29157-0_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-29157-0_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-29156-3

  • Online ISBN: 978-3-030-29157-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation