Software security is a complex notion that has to be analyzed from several perspectives. One such perspective is the restriction and protection of software privileges. In other words, a secure software system should be able to prevent misuse of the privileges granted. Privileges are usually protected in software systems by integrating or implementing appropriate security modules or mechanisms. Knowing how system privileges are protected by security mechanisms helps software developers reduce the security risks underlying software systems. In this paper, we propose a measurement framework to quantitatively evaluate the privilege protections of a software system at the design level. Our analysis models and analyzes user interactions using the so-called User System Interaction Effect (USIE) Model. Specifically, we define some measurement abstractions and associated metrics for assessing software privilege protection. We evaluate our framework by conducting an empirical study based on a medical record keeping software system.