A Secure Software Architecture Description Language

Security is becoming a more and more important concern for software architecture and software components. Previous modeling approaches provide insufficient support for an in-depth treatment of security. This paper argues for a more comprehensive treatment of an important security aspect, access control, at the architecture level. Our approach models the security subject, resource, privilege, safeguard, and policy of architectural constituents. The modeling language, Secure xADL, is based on our existing modular and extensible architecture description language. Our modeling centers on software connectors, which provide a suitable vehicle to model, capture, and enforce access control. Combined with security contracts of components, connectors facilitate describing the security characteristics of a software architecture, generating the enabling infrastructure, and monitoring run-time conformance. This paper presents the design of the language and initial results of applying this approach. This research contributes to deeper and more comprehensive modeling of architectural security, and facilitates detecting architectural vulnerabilities and assuring correct access control at an early design stage.
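The abstract's vocabulary (subject, resource, privilege, safeguard, policy, component security contract, connector as the enforcement point, run-time conformance monitoring) can be made concrete in a few dozen lines. The following is an added example written for this page, not code from the paper or from the Secure xADL project: the paper's modeling is XML-based, whereas this Python stands in for it with plain classes, and every name below (`Subject`, `Policy`, `Component.contract`, `Connector.invoke`, `conformance_violations`, the "Ledger" component and the roles) is an assumption chosen for illustration. Its point is that the connector, not the component, decides whether a call proceeds, and that the audit trail it keeps can be re-checked against the policy later to detect drift between the architectural model and what actually ran.

```python
"""Connector-mediated access control, modelled on the abstract's concepts.

Assumed model (illustrative, not Secure xADL's actual schema): a Policy
grants Privileges on Resources to Roles; a Component publishes a security
Contract saying which privilege each of its interfaces requires; a
Connector sits between caller and callee, enforces the contract against
the policy, applies a safeguard on denial, and records every decision so
run-time conformance can be checked afterwards.
"""
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Any, Callable, Optional


@dataclass(frozen=True)
class Subject:
    """Security subject: a principal and the roles it holds."""
    name: str
    roles: frozenset


@dataclass(frozen=True)
class Permission:
    """A privilege on a named resource (here resources are components)."""
    resource: str
    privilege: str


@dataclass
class Policy:
    """Role-based policy: role -> frozenset of Permission granted to it."""
    grants: dict

    def permits(self, subject: Subject, resource: str, privilege: str) -> bool:
        wanted = Permission(resource, privilege)
        return any(wanted in self.grants.get(role, frozenset()) for role in subject.roles)


@dataclass
class Component:
    """Component with a security contract: interface -> privilege required."""
    name: str
    contract: dict
    impl: dict  # interface -> callable implementing it


class AccessDenied(PermissionError):
    pass


@dataclass
class Connector:
    """Connector that mediates every call and enforces the callee's contract."""
    policy: Policy
    # safeguard invoked on a denied request (e.g. alerting); the call is blocked regardless
    safeguard: Optional[Callable[[Subject, str, str], None]] = None
    # audit trail of (subject, resource, privilege, decision)
    audit: list = field(default_factory=list)

    def invoke(self, subject: Subject, target: Component, interface: str, *args: Any) -> Any:
        if interface not in target.contract:
            raise LookupError(f"{target.name} publishes no contract for {interface}")
        privilege = target.contract[interface]
        allowed = self.policy.permits(subject, target.name, privilege)
        self.audit.append((subject, target.name, privilege, "allow" if allowed else "deny"))
        if not allowed:
            if self.safeguard is not None:
                self.safeguard(subject, target.name, privilege)
            raise AccessDenied(f"{subject.name} lacks '{privilege}' on {target.name}")
        return target.impl[interface](*args)


def conformance_violations(connector: Connector) -> list:
    """Re-evaluate the audit trail against the connector's current policy.

    Any recorded decision that the policy would not reproduce now is a
    conformance violation (e.g. an access that was allowed under a grant
    that has since been revoked)."""
    return [e for e in connector.audit
            if (e[3] == "allow") != connector.policy.permits(e[0], e[1], e[2])]


def demo() -> dict:
    """Constructed scenario: a clerk may read the Ledger, an auditor may also export it."""
    policy = Policy({
        "clerk": frozenset({Permission("Ledger", "read")}),
        "auditor": frozenset({Permission("Ledger", "read"), Permission("Ledger", "export")}),
    })
    ledger = Component(
        "Ledger",
        contract={"getBalance": "read", "dump": "export"},
        impl={"getBalance": lambda acct: {"acme": 120}[acct], "dump": lambda: "ledger.csv"},
    )
    blocked: list = []
    conn = Connector(policy, safeguard=lambda s, r, p: blocked.append(s.name))
    alice = Subject("alice", frozenset({"clerk"}))
    bob = Subject("bob", frozenset({"auditor"}))

    results: dict = {}
    results["alice_read"] = conn.invoke(alice, ledger, "getBalance", "acme")
    try:
        conn.invoke(alice, ledger, "dump")
        results["alice_export"] = "allowed"
    except AccessDenied:
        results["alice_export"] = "denied"
    results["bob_export"] = conn.invoke(bob, ledger, "dump")
    results["safeguard_fired"] = list(blocked)
    results["audit"] = list(conn.audit)

    # Policy changes after the fact: auditors lose 'export'. The earlier
    # allowed export by bob is now flagged by the conformance check.
    policy.grants["auditor"] = frozenset({Permission("Ledger", "read")})
    results["violations"] = conformance_violations(conn)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The separation matters for the paper's argument: because the contract lives on the component and the decision lives on the connector, the same policy can be enforced for any component wired through that connector, and the audit trail is the data a run-time monitor would compare against the architectural model.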
