Architecture-based refinements for secure computer systems design

The successful design and implementation of secure systems must begin at the start of the development process. A component that must process data at multiple security levels is critical and must undergo additional evaluation to ensure that its processing is secure. It is common practice to isolate and separate the processing of data at different levels into different components. In this paper we present architecture-based refinement techniques for the design of multilevel secure systems. We discuss which security requirements must be satisfied throughout the refinement process, including when separation works and when it does not. This process-oriented approach will lead to verified engineering techniques for secure systems, which should greatly reduce the cost of certifying those systems.
