Doctoral thesis (Dissertations and theses)
Model-Driven Security With Modularity and Reusability For Engineering Secure Software Systems
Nguyen, Phu Hong
2015
 

Files


Full Text
PhDthesis_PhuHongNGUYEN_ModelDrivenSecurity_2015.pdf
Author postprint (7.41 MB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Model-Driven Security; MDS; MDE; Aspect-Oriented Modelling; RAM; DSL; Model Transformations; Model Composition; Systematic Review; Security Design Patterns; Pattern Refinement; Security Testing; Security By Design
Abstract :
[en] Context: The more human beings depend on software systems, the more important role that software security engineering must play to build secure software systems. Model-Driven Security (MDS) emerged more than a decade ago as a specialised Model-Driven Engineering (MDE) research area for engineering secure software systems. MDS is promising but not mature yet. Our recent systematic literature review (SLR) has revealed several current limitations and open issues in the state of the art of MDS research. Objectives: This PhD work aims at addressing three of the main open issues in the current state of the art of MDS research that are pointed out by the SLR. First, our SLR shows that multiple security concerns need to be handled together more systematically. Second, true Aspect-Oriented Modelling techniques for better ensuring the separation- of-concern in MDS approaches could have been leveraged more extensively. Third, complete tool chains based on integrated MDE techniques covering all the main stages of the development cycle are emerging, but still very rare. Methods: On one hand, we develop a full MDS framework with modularity based on domain-specific modelling, model transformations, and model-based security testing. This MDS framework can help us to deal with complex delegation mechanisms in access control administration, from modelling till testing. On the other hand, we propose a highly modular, reusable MDS solution based on a System of Security design Patterns (SoSPa) and reusable aspect models to tackle multiple security concerns systematically. Results: First, an extensive SLR has been conducted for revealing and analysing the current state of the art of MDS research. Second, a full MDS framework focusing on modularity has been proposed that integrates domain-specific modelling, model transformations, and model-based security testing to support all the main stages of an MDS development cycle. Third, we have developed a highly reusable, modular MDS approach based on a System of Security design Patterns for handling multiple security concerns together systematically. Finally, we have showed how our MDS approaches can be integrated in a full MDS framework, called MDS-MoRe, which could be the basis of a complete tool chain for MDS development of secure systems. Conclusion: In this thesis, integrated MDS methodologies with modularity and reusability have been proposed for engineering secure software systems. This work has tackled three main current open issues in MDS research revealed from an extensive SLR.
Research center :
SnT
Disciplines :
Computer science
Author, co-author :
Nguyen, Phu Hong ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Language :
English
Title :
Model-Driven Security With Modularity and Reusability For Engineering Secure Software Systems
Defense date :
10 September 2015
Number of pages :
213
Institution :
Unilu - University of Luxembourg, Luxembourg, Luxembourg
Degree :
Docteur en Informatique
President :
Jury member :
Kienzle, Joerg
Scandariato, Riccardo
FnR Project :
FNR783852 - Modeling, Composing And Testing Of Security Concerns, 2010 (01/05/2011-30/04/2014) - Jacques Klein
Name of the research project :
MITER
Funders :
FNR - Fonds National de la Recherche [LU]
Commentary :
Copyright 2015 Phu Hong Nguyen. All rights reserved. Reproduction in whole or in part is allowed only with the written consent of the copyright owner. Typeset in LATEX
Available on ORBilu :
since 04 December 2015

Statistics


Number of views
430 (12 by Unilu)
Number of downloads
403 (6 by Unilu)

Bibliography


Similar publications



Contact ORBilu