DOI: 10.1145/1501434.1501453
research-article

Architecture-based refinements for secure computer systems design

Published: 30 October 2006

Abstract

The successful design and implementation of secure systems must start at the beginning of the development process. A component that must process data at multiple security levels is critical and must undergo additional evaluation to ensure that its processing is secure. It is common practice to isolate and separate the processing of data at different levels into different components. In this paper we present architecture-based refinement techniques for the design of multilevel secure systems. We discuss which security requirements must be satisfied throughout the refinement process, including when separation works and when it does not. This process-oriented approach leads to verified engineering techniques for secure systems, which should greatly reduce the cost of certifying those systems.
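The separation requirement described in the abstract, as an added illustration that is not the paper's own formalism or code: a check that can be rerun after each refinement step to confirm that data only crosses levels inside a component the design has explicitly designated as multilevel, and to list those components as the ones needing additional evaluation. Everything below is an assumption for the sake of the example: the four-level total order U < C < S < TS, the `trusted` flag marking a designated guard or downgrader, and the constructed router/guard architecture and its component names.

```python
"""Added illustration, not code from the paper: a lattice check over a
component architecture, rerun after every refinement step.

Assumptions (ours, not the paper's formalism): the levels form the total
order U < C < S < TS; each component declares the levels it processes; a
component marked trusted is an explicitly designated multilevel component
(a guard or downgrader), which is exactly the kind of component the
abstract says needs additional evaluation.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

LEVEL_ORDER: Dict[str, int] = {"U": 0, "C": 1, "S": 2, "TS": 3}
Flow = Tuple[str, str]  # (source component, destination component)


def fmt(levels: FrozenSet[str]) -> str:
    """Render a level set lowest-first, e.g. frozenset({'S', 'U'}) -> 'U,S'."""
    return ",".join(sorted(levels, key=LEVEL_ORDER.__getitem__))


@dataclass(frozen=True)
class Component:
    name: str
    levels: FrozenSet[str]   # levels of data this component processes
    trusted: bool = False    # designated multilevel component (guard/downgrader)

    def __post_init__(self) -> None:
        if not self.levels or not self.levels <= set(LEVEL_ORDER):
            raise ValueError(f"{self.name}: bad level set {sorted(self.levels)}")

    def emit_level(self) -> int:
        """Label on anything this component outputs. An untrusted component
        may mix its inputs internally, so its output carries its highest
        level; a trusted guard is allowed to emit at its lowest level, which
        is the downgrade it must be separately evaluated to perform."""
        ranks = [LEVEL_ORDER[lvl] for lvl in self.levels]
        return min(ranks) if self.trusted else max(ranks)

    def accept_level(self) -> int:
        """Highest label this component may receive; lower data is simply
        relabelled upward on entry, which never leaks."""
        return max(LEVEL_ORDER[lvl] for lvl in self.levels)


def check_architecture(components: List[Component], flows: List[Flow]) -> List[str]:
    """Findings for one refinement step. 'VIOLATION' lines mean separation
    does not hold; 'EVALUATE' lines list the multilevel components that the
    design accepts but that must go through additional evaluation."""
    by_name = {c.name: c for c in components}
    findings: List[str] = []
    for c in components:
        if len(c.levels) > 1 and c.trusted:
            findings.append(f"EVALUATE {c.name}: multilevel component over {fmt(c.levels)}")
        elif len(c.levels) > 1:
            findings.append(f"VIOLATION {c.name}: processes {fmt(c.levels)} but was not separated")
    for src, dst in flows:
        if src not in by_name or dst not in by_name:
            findings.append(f"VIOLATION flow {src}->{dst}: unknown component")
            continue
        s, d = by_name[src], by_name[dst]
        if s.emit_level() > d.accept_level():
            findings.append(f"VIOLATION flow {src}->{dst}: downgrade outside a trusted component")
    return findings


def violations(findings: List[str]) -> List[str]:
    return [f for f in findings if f.startswith("VIOLATION")]


# Constructed example: a message router between an unclassified network and
# a SECRET operator station, shown at three points in the refinement.
NET_U = Component("net_U", frozenset({"U"}))
OPS_S = Component("ops_S", frozenset({"S"}))


def before_refinement() -> Tuple[List[Component], List[Flow]]:
    """One router handles both levels and nothing designates it as a guard."""
    router = Component("router", frozenset({"U", "S"}))
    return [NET_U, OPS_S, router], [("net_U", "router"), ("router", "ops_S"),
                                    ("ops_S", "router"), ("router", "net_U")]


def separated_with_guard() -> Tuple[List[Component], List[Flow]]:
    """Separation applied: one router per level, S->U only through a guard."""
    comps = [NET_U, OPS_S, Component("router_U", frozenset({"U"})),
             Component("router_S", frozenset({"S"})),
             Component("guard", frozenset({"U", "S"}), trusted=True)]
    flows = [("net_U", "router_U"), ("router_U", "router_S"), ("router_S", "ops_S"),
             ("ops_S", "router_S"), ("router_S", "guard"), ("guard", "router_U"),
             ("router_U", "net_U")]
    return comps, flows


def separated_with_shortcut() -> Tuple[List[Component], List[Flow]]:
    """Same components, but a later refinement wires router_S straight to
    router_U, bypassing the guard: separation no longer works."""
    comps, flows = separated_with_guard()
    return comps, flows + [("router_S", "router_U")]


if __name__ == "__main__":
    for label, arch in [("before", before_refinement()),
                        ("with guard", separated_with_guard()),
                        ("shortcut", separated_with_shortcut())]:
        print(label)
        for line in check_architecture(*arch):
            print("  " + line)
```

The check is deliberately conservative: an untrusted component that touches two levels is treated as emitting at its highest level, so the only way a refinement can pass while moving data downward is to route it through a component the design has explicitly committed to evaluating. The third architecture shows the failure mode the abstract alludes to: the components are correctly separated, yet one added flow around the guard makes the separation worthless.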


Cited By

  • (2018) Security policy refinement and enforcement for the design of multi-level secure systems. Journal of Computer Security 16(2):107-131. DOI: 10.5555/1370687.1370688. Online publication date: 24 December 2018.
  • (2015) Using Architecture to Reason about Information Security. ACM Transactions on Information and System Security 18(2):1-30. DOI: 10.1145/2829949. Online publication date: 9 December 2015.
  • (2013) In Guards We Trust. Proceedings of the 2013 International Conference on Social Computing, pages 578-585. DOI: 10.1109/SocialCom.2013.87. Online publication date: 8 September 2013.

    Published In

    cover image ACM Other conferences
    PST '06: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
    October 2006
    389 pages
    ISBN:1595936041
    DOI:10.1145/1501434
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. architectural refinement
    2. multi-level security
    3. non-functional requirements

    Conference

    PST06
    PST06: International Conference on Privacy, Security and Trust
    October 30 - November 1, 2006
Markham, Ontario, Canada
