Search Swinburne Research Bank
Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.3/69182
- A scenario based security characterisation of software components
- Khan, Khaled Md.; Han, Jun; Zheng, Yuliang
- In this paper, we propose a simple security characterisation model for software components. The proposed structure makes an attempt to model the security properties of interacting components based on 'scenarios'. The approach is adapted from the notion of 'scenarios' used in analysing qualities at the software architectural level. We argue that security of a software component does not exist in isolation but rather have strong binding with a use context such as whether a system is secure or not with respect to a specific threat. The notion of scenarios has led us to adopt a context-based security characterisation model of software components. We use message communication protocols and architectural description of components' functionality as valuable tools to describe a particular scenario of a composed system. This approach provides us with the means to identify the required security properties as well as ensured security properties of participating components in a compositional contract. The characterisation model is based on a simple structure that is used to capture the security properties of interacting components in a particular 'scenario'. The proposed structure consists of a predicate and four distinctive elements. The elements comprise identities of contracting components, operations to be performed in a compositional contract, required and ensured security attributes, and the data to be used in the particular compositional contract.
- Publication type
- Conference paper
- Proceedings of the 3rd Australasian Workshop on Software and System Architectures (AWSA 2000), Sydney, New South Wales, Australia, 19-20 November 2000
- Publication year
- Message communication protocols; Security characterisation model; Software components
- School of Network Computing, Monash University
- Publisher URL
- Copyright © 2000.
- Peer reviewed