Transformation of Type Graphs with Inheritance for Ensuring Security in E-Government Networks

Hermann, Frank; Ehrig, Hartmut; Ermel, Claudia

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Hermann, Frank; Ehrig, Hartmut; Ermel, Claudia

2009 • In Wirsing, Martin; Chechik, C. (Eds.) Proc. International Conference on Fundamental Aspects of Software Engineering (FASE'09)

Peer reviewed

Permalink
https://hdl.handle.net/10993/5603

Files Send to Details Statistics Bibliography Similar publications

Files

Full Text

10.1007_978-3-642-00593-0_22.pdf

Publisher postprint (885.23 kB)

Request a copy

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink Twitter Linkedin

Details

Keywords :

model transformation; graph transformation; Security; E-Government type graph with inheritance

Abstract :

[en] E-government services usually process large amounts of confidential data, but simultaneously they shall provide simple and userfriendly graphical interfaces. Therefore, security requirements for the communication between components have to be adhered in a very strict way. Hence it is of main interest that developers can analyze their modularized models of actual systems and that they can detect critical patterns. For this purpose, we present a general and formal framework for critical pattern detection and user-driven correction as well as possibilities for automatic analysis and verification of security requirements on the meta model level. The technique is based on the formal theory of graph transformation, which we extend to transformations of type graphs with inheritance within a type graph hierarchy in order to enable the specification of relevant security requirements in this scenario. The extended theory is shown to fulfil the conditions of a weak adhesive HLR category allowing us to transfer analysis techniques and results shown for this abstract framework of graph transformation. In particular, we discuss how confluence analysis and parallelization can be used to enable distributed critical pattern detection.

Disciplines :

Computer science

Author, co-author :

Hermann, Frank ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Ehrig, Hartmut

Ermel, Claudia

Language :

English

Title :

Transformation of Type Graphs with Inheritance for Ensuring Security in E-Government Networks

Publication date :

2009

Event name :

International Conference on Fundamental Aspects of Software Engineering (FASE'09)

Event place :

York, United Kingdom

Event date :

03-2009

Main work title :

Proc. International Conference on Fundamental Aspects of Software Engineering (FASE'09)

Editor :

Wirsing, Martin

Chechik, C.

Publisher :

Springer

ISBN/EAN :

978-3-642-00592-3

Collection name :

Vol. 5503 of Lecture Notes in Computer Science (LNCS)

Pages :

325-339

Peer reviewed :

Peer reviewed

Additional URL :

http://link.springer.com/chapter/10.1007/978-3-642-00593-0_22

Available on ORBilu :

since 05 September 2013

Statistics

Number of views

56 (1 by Unilu)

Number of downloads

0 (0 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

AGG Homepage, http://tfs.cs.tu-berlin.de/agg
Mouratidis, H., Giorgini, P. (eds.): Integrating Security and Software Engineering: Advances and Future Vision. Idea Group, IGI Publishing Group (2006)
Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)
Haley, C., Moffett, J., Nuseibeh, B.: Security Requirements Engineering: A Framework for Representation and Analysis. IEEE Trans. on Software Engineering 34(1), 133-153 (2008) (Pubitemid 351343906)
Object Management Group: Meta-Object Facility (MOF), Version 2.0. (2006), http://www.omg.org/technology/documents/formal/mof.htm
Ehrig, H., Ehrig, K., Prange, U., Taentzer, G.: Fundamentals of Algebraic Graph Transformation. EATCS Monographs in Theor. Comp. Science. Springer, Heidelberg (2006)
Braatz, B., Brandt, C., Engel, T., Hermann, F., Ehrig, H.: An approach using formally well-founded domain languages for secure coarse-grained IT system modelling in a real-world banking scenario. In: Proc. 18th Australasian Conference on Information Systems (ACIS 2007) (2007)
Federal Office for Information Security (BSI): Chapter IV: Secure Client-Server Architectures for E-Government. In: E-Government Manual. INTESIO 1-179 (2006), http://www.bsi.bund.de/english/topics/egov/6verb
Lara, J., Bardohl, R., Ehrig, H., Ehrig, K., Prange, U., Taentzer, G.: Attributed Graph Transformation with Node Type Inheritance. Theoretical Computer Science 376(3), 139-163 (2007) (Pubitemid 46628728)
Habel, A., Heckel, R., Taentzer, G.: Graph Grammars with Negative Application Conditions. Special issue of Fundamenta Informaticae 26(3, 4), 287-313 (1996) (Pubitemid 126715013)
Ehrig, H., Ehrig, K., Ermel, C., Prange, U.: Consistent Integration of Models Based on Views of Visual Languages. In: Fiadeiro, J.L., Inverardi, P. (eds.) 1, Vol. 4961, pp. 62-76. Springer, Heidelberg (2008)
Object Management Group: Unified Modeling Language: Superstructure - Version 2.1.1. formal/07-02-05 (2007), http://www.omg.org/technology/documents/ formal/uml.htm
Mens, T., Taentzer, G., Müller, D.: Model-driven software refactoring. In: Rech, J., Bunse, C. (eds.) Model-Driven Software Development: Integrating Quality Assurance, pp. 170-203. Idea Group Inc. (2008)
Mens, T., Taentzer, G., Runge, O.: Analysing refactoring dependencies using graph transformation. Software and System Modeling 6(3), 269-285 (2007) (Pubitemid 47278595)
Grunske, L., Geiger, L., Zündorf, A., Van Eetvelde, N., Van Gorp, P., Varro, D.: Using Graph Transformation for Practical Model Driven Software Engineering. In: Beydeda, S., Book, M., Gruhn, V. (eds.) Model-driven Software Development, pp. 91-118. Springer, Heidelberg (2005)
Bottoni, P., Parisi-Presicce, P., Mason, G., Taentzer, G.: Specifying Coherent Refactoring of Software Artefacts with Distributed Graph Transformations. In: van Bommel, P. (ed.) Handbook on Transformation of Knowledge, Information, and Data: Theory and Applications, pp. 95-125. Idea Group Publishing (2005)
Biermann, E., Ehrig, K., Köhler, C., Kuhns, G., Taentzer, G., Weiss, E.: Graphical Definition of In-Place Transformations in the Eclipse Modeling Framework. In: Nierstrasz, O., Whittle, J., Harel, D., Reggio, G. (eds.) MoDELS 2006. LNCS, Vol. 4199, pp. 425-439. Springer, Heidelberg (2006) (Pubitemid 44618575)
Schürr, A.: Specification of Graph Translators with Triple Graph Grammars. In: Mayr, E.W., Schmidt, G., Tinhofer, G. (eds.) WG 1994. LNCS, Vol. 903, pp. 151- 163. Springer, Heidelberg (1995)
Löwe, M., König, H., Peters, M., Schulz, C.: Refactoring Information Systems. In: Proc. Software Evolution through Transformations: Embracing the Chance (SeTra 2006). Electronic Communications of the EASST, Vol. 3 (2006)
Corradini, A., Heindel, T., Hermann, F., König, B.: Sesqui-Pushout Rewriting. In: Corradini, A., Ehrig, H., Montanari, U., Ribeiro, L., Rozenberg, G. (eds.) ICGT 2006. LNCS, Vol. 4178, pp. 30-45. Springer, Heidelberg (2006) (Pubitemid 44608927)
Bardohl, R., Ehrig, H., de Lara, J., Taentzer, G.: Integrating Meta-Modelling with Graph Transformation for Efficient Visual Language Definition and Model Manipulation. In: Wermelinger, M., Margaria-Steffen, T. (eds.) FASE 2004. LNCS, Vol. 2984, pp. 214-228. Springer, Heidelberg (2004)
Hermann, F., Ehrig, H., Ermel, C.: Transformation of Type Graphs with Inheritance for Ensuring Security in E-Government Networks (Long Version). Technical Report 2008/07, TU Berlin, Fak. IV (2008), http://iv.tu-berlin.de/ TechnBerichte/2008/2008-07.pdf