
Compositional Verification of Application-Level Security Properties

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2013)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7781)


Abstract

Automatic model checking can be employed to verify that security properties are fulfilled by a system model. However, since security requirements constrain most, if not all, functional modules of a system, such a proof needs to consider nearly all of the system’s control and data flows. For complex real-life applications, that leads to a large state space to be explored, effectively restricting the applicability of a model checker. To deal with this problem, we advocate a compositional approach utilizing the features of our model-based engineering technique SPACE. Both functional behavior and security-related aspects are specified using UML 2 activities. Further, we supplement each activity with an interface behavior description, which is extended by a security contract modeling certain security properties to be fulfilled by the activity. This enables us to verify application-level security properties by using the contracts instead of their respective activities in model checker runs, so that the number of states to be checked is significantly reduced. The approach is exemplified by an Android application in which one’s location must only be shared with certain recipients.
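To make the contract idea concrete, here is an added Python sketch written for this page; it is not the paper's SPACE tooling (which works on UML 2 activities and TLA+) but a toy explicit-state checker. It assumes a constructed location-sharing scenario: a recipient policy ALLOWED, a detailed sharing activity with internal steps and a retry counter, and a security contract that exposes only permitted sends. The property "a location only goes to permitted recipients" is checked against the composition once with the full activity and once with the contract, and a separate output-level check confirms the activity never sends to anyone the contract forbids.

```python
ALLOWED = {"alice", "bob"}              # constructed policy: permitted recipients
CONTACTS = ["alice", "bob", "mallory"]  # every contact the app knows

def locator_next(s):  # location provider: waiting <-> fresh fix
    return ["fix"] if s == "wait" else ["wait"]

def share_full_next(s):
    # Detailed sharing activity: choose a contact, policy-check it, send.
    # Internal steps plus a retry counter (capped at 3) inflate its state space.
    step, who, retries = s
    if step == "idle":
        return [("chosen", c, retries) for c in CONTACTS]
    if step == "chosen":  # policy check: permitted -> proceed, else retry
        return ([("checked", who, retries)] if who in ALLOWED
                else [("idle", None, min(retries + 1, 3))])
    if step == "checked":
        return [("sending", who, retries)]
    return [("idle", None, retries)]  # send completed

def share_contract_next(s):
    # Security contract: only a send to a permitted recipient is visible; internal steps are hidden.
    return [("sending", r, 0) for r in sorted(ALLOWED)] if s[0] == "idle" else [("idle", None, 0)]

def only_allowed_recipients(g):  # property: a location only ever goes to ALLOWED
    return g[1][0] != "sending" or g[1][1] in ALLOWED

def reachable(modules):  # explores the interleaving product of the modules
    init = tuple(m[0] for m in modules)
    seen, todo = {init}, [init]
    while todo:
        g = todo.pop()
        for i, (_, nxt) in enumerate(modules):
            for s2 in nxt(g[i]):
                g2 = g[:i] + (s2,) + g[i + 1:]
                if g2 not in seen:
                    seen.add(g2)
                    todo.append(g2)
    return seen

LOCATOR = ("wait", locator_next)
SHARE_FULL = (("idle", None, 0), share_full_next)
SHARE_CONTRACT = (("idle", None, 0), share_contract_next)

def activity_refines_contract():  # soundness step (output-level check, not full trace inclusion)
    # Every send the detailed activity can perform must be one the contract permits.
    sends = lambda m: {g[0][1] for g in reachable([m]) if g[0][0] == "sending"}
    return sends(SHARE_FULL) <= sends(SHARE_CONTRACT)

def check(share):  # (property holds?, number of global states explored)
    states = reachable([LOCATOR, share])
    return all(only_allowed_recipients(g) for g in states), len(states)
```

In this toy, check(SHARE_FULL) returns (True, 64) while check(SHARE_CONTRACT) returns (True, 6): the contract run establishes the same property over far fewer global states, and activity_refines_contract() justifies the substitution.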




Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gunawan, L.A., Herrmann, P. (2013). Compositional Verification of Application-Level Security Properties. In: Jürjens, J., Livshits, B., Scandariato, R. (eds) Engineering Secure Software and Systems. ESSoS 2013. Lecture Notes in Computer Science, vol 7781. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36563-8_6


  • DOI: https://doi.org/10.1007/978-3-642-36563-8_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-36562-1

  • Online ISBN: 978-3-642-36563-8

  • eBook Packages: Computer Science (R0)
