Reference : Model-Driven Security With Modularity and Reusability For Engineering Secure Software...
Dissertations and theses : Doctoral thesis
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/22768
Model-Driven Security With Modularity and Reusability For Engineering Secure Software Systems
English
Nguyen, Phu mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
10-Sep-2015
University of Luxembourg, ​Luxembourg, ​​Luxembourg
Docteur en Informatique
213
Le Traon, Yves mailto
Klein, Jacques mailto
Kelsen, Pierre mailto
Kienzle, Joerg mailto
Scandariato, Riccardo mailto
[en] Model-Driven Security ; MDS ; MDE ; Aspect-Oriented Modelling ; RAM ; DSL ; Model Transformations ; Model Composition ; Systematic Review ; Security Design Patterns ; Pattern Refinement ; Security Testing ; Security By Design
[en] Context: The more human beings depend on software systems, the more important role that software security engineering must play to build secure software systems. Model-Driven Security (MDS) emerged more than a decade ago as a specialised Model-Driven Engineering (MDE) research area for engineering secure software systems. MDS is promising but not mature yet. Our recent systematic literature review (SLR) has revealed several current limitations and open issues in the state of the art of MDS research.
Objectives: This PhD work aims at addressing three of the main open issues in the current state of the art of MDS research that are pointed out by the SLR. First, our SLR shows that multiple security concerns need to be handled together more systematically. Second, true Aspect-Oriented Modelling techniques for better ensuring the separation- of-concern in MDS approaches could have been leveraged more extensively. Third, complete tool chains based on integrated MDE techniques covering all the main stages of the development cycle are emerging, but still very rare.
Methods: On one hand, we develop a full MDS framework with modularity based on domain-specific modelling, model transformations, and model-based security testing. This MDS framework can help us to deal with complex delegation mechanisms in access control administration, from modelling till testing. On the other hand, we propose a highly modular, reusable MDS solution based on a System of Security design Patterns (SoSPa) and reusable aspect models to tackle multiple security concerns systematically.
Results: First, an extensive SLR has been conducted for revealing and analysing the current state of the art of MDS research. Second, a full MDS framework focusing on modularity has been proposed that integrates domain-specific modelling, model transformations, and model-based security testing to support all the main stages of an MDS development cycle. Third, we have developed a highly reusable, modular MDS approach based on a System of Security design Patterns for handling multiple security concerns together systematically. Finally, we have showed how our MDS approaches can be integrated in a full MDS framework, called MDS-MoRe, which could be the basis of a complete tool chain for MDS development of secure systems.
Conclusion: In this thesis, integrated MDS methodologies with modularity and reusability have been proposed for engineering secure software systems. This work has tackled three main current open issues in MDS research revealed from an extensive SLR.
SnT
Fonds National de la Recherche - FnR
Researchers ; Professionals ; Students ; General public ; Others
http://hdl.handle.net/10993/22768
Copyright 2015 Phu Hong Nguyen. All rights reserved. Reproduction in whole or in part is allowed only with the written consent of the copyright owner. Typeset in LATEX
FnR ; FNR783852 > Jacques Klein > MITER > Modeling, Composing and Testing of Security Concerns > 01/05/2011 > 30/04/2014 > 2010

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
PhDthesis_PhuHongNGUYEN_ModelDrivenSecurity_2015.pdfAuthor postprint7.24 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.