Model-Driven Security with A System of Aspect-Oriented Security Design Patterns

Nguyen, Phu Hong; Klein, Jacques; Le Traon, Yves

Reference : Model-Driven Security with A System of Aspect-Oriented Security Design Patterns


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	To cite this reference:	http://hdl.handle.net/10993/17760

Title :	Model-Driven Security with A System of Aspect-Oriented Security Design Patterns
Language :	English
Author, co-author :	Nguyen, Phu Hong [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Klein, Jacques [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Le Traon, Yves [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Publication date :	22-Jul-2014
Main document title :	2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling
Peer reviewed :	Yes
On invitation :	No
Audience :	International
Event name :	2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling
Event date :	22-07-2014
Event organizer :	University of York
Event place (city) :	York
Event country :	UK
Keywords :	[en] Model-driven security ; aspect-oriented modeling ; security patterns
Abstract :	[en] Model-Driven Security (MDS) has emerged for more than a decade, as a specialization of Model-Driven Engineering (MDE), to propose sound MD methodologies for supporting secure systems development. Yet, there is still a big gap before making MDS approaches more easily applicable and adoptable by industry. Most current MDS approaches only deal with a specific security concern, e.g. Authorization, and have not taken into account multiple security concerns. Besides, security patterns which are based on domain-independent, time-proven security knowledge and expertise, can be considered as reusable security bricks upon which sound and secure systems can be built. But they are not applied as much as they could be, because developers have problems in selecting them and applying them in the right places, especially at the design phase. In this position paper, we propose an exploratory MDS approach based on a System of aspect-oriented Security design Patterns (SoSPa) in which security design patterns are collected, specified as reusable aspect models to form a coherent system of them that guides developers in systematically selecting the right security design patterns for the job. Our MDS approach allows the selected security design patterns to be automatically composed with the target system model. The woven secure system model can then be used for code generation, including configured security infrastructures.
Research centres :	SnT
Funders :	Fonds National de la Recherche - FnR
Name of the research project :	I2R-SER-PFN-10MITE > MITER: Modeling, Composing and Testing of Security Concerns > 01/01/2011 - 31/12/2013 > LE TRAON Yves
Target :	Researchers ; Professionals ; Students ; General public
Permalink :	http://hdl.handle.net/10993/17760

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Limited access	VAO2014-SoSPa-CameraReady.pdf		Author preprint	407.53 kB	Request a copy

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices