A method for model-driven information flow security

Sammendrag

We present a method for software development in which information flow security is taken into consideration from start to finish. Initially, the user of the method (i.e., a software developer) specifies the system architecture and selects a set of security requirements (in the form of secure information flow properties) that the system must adhere to. The user then specifies each component of the system architecture using UML inspired state machines, and refines/transforms these (abstract) state machines into concrete state machines. It is shown that if the abstract specification adheres to the security requirements, then so does the concrete one provided that certain conditions are satisfied.

Kategori

Vitenskapelig Kapittel/Artikkel/Konferanseartikkel

Språk

Engelsk

Forfatter(e)

Fredrik Seehusen
Ketil Stølen

Institusjon(er)

SINTEF Digital / Sustainable Communication Technologies
Universitetet i Oslo

År

2012

Forlag

IGI Global

Bok

Dependability and Computer Engineering: Concepts for Software-Intensive Systems

ISBN

9781609607470

Side(r)

199 - 229

Eksterne ressurser

https://www.igi-global.com/bookstore/chapter.aspx?titleid=55330

DOI

https://doi.org/10.4018/978-1-4666-4301-7.ch022

Vis denne publikasjonen hos Cristin

Kontakt oss

Tjenester

Rapporter og publikasjoner

Forskningssenter og samarbeid

Karriere

Bærekraft

Institutter

Andre enheter

Ledelse og organisering

Om oss

Følg oss