An Approach to Model-based Development of Secure and Reliable Systems

A good way to obtain secure systems is to build applications in a systematic way in which security is an integral part of the lifecycle. The same applies to reliability: if we want a system that is both secure and reliable, security and reliability must be built in together. If we build not only applications but also middleware and operating systems in this way, we can produce systems that are not only inherently secure but can also withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined at the application level, where their semantics are understood, and then propagated to the lower levels, which provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level; the lower levels only enforce that there is no way to bypass them. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and present three aspects that develop it further: a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.
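The separation the abstract argues for (constraint defined once at the application level, mapped down to a capability platform, and only the capability check enforced at the lower level) can be illustrated with a small Python sketch. This is an added example, not code from the paper; the policy table, the key, and the names `POLICY`, `issue_capability` and `resource_access` are all assumptions made for illustration.

```python
"""Application-level constraint mapped to lower-level capability enforcement.

Constructed illustration (not the paper's code): the role/right model is the
application-level security constraint; capabilities are the lower-level
mechanism, made unforgeable with an HMAC under a platform-held key.
"""
import hashlib
import hmac
import secrets

# Application level: the security constraint as a tiny metamodel.
# Constructed sample policy: role -> set of (resource, right) pairs.
POLICY = {
    "clerk": {("account", "read")},
    "manager": {("account", "read"), ("account", "update")},
}

# Platform-held secret that makes capabilities unforgeable (constructed).
_PLATFORM_KEY = secrets.token_bytes(32)


def _tag(principal, resource, right):
    """Authenticator binding a capability to one principal and operation."""
    msg = f"{principal}|{resource}|{right}".encode()
    return hmac.new(_PLATFORM_KEY, msg, hashlib.sha256).hexdigest()


def issue_capability(principal, role, resource, right):
    """Mapping step: the application-level constraint decides whether a
    capability is minted at all; the capability itself carries no policy."""
    if (resource, right) not in POLICY.get(role, set()):
        return None  # constraint violated: no capability ever exists
    return (principal, resource, right, _tag(principal, resource, right))


def resource_access(cap, principal, resource, right):
    """Lower level: knows nothing about roles. It only checks that the
    capability is genuine and matches the requested operation, so an
    application that skipped the mapping step cannot bypass the policy."""
    if cap is None:
        return False
    cap_principal, cap_resource, cap_right, tag = cap
    if (cap_principal, cap_resource, cap_right) != (principal, resource, right):
        return False
    return hmac.compare_digest(tag, _tag(principal, resource, right))
```

The lower level never consults `POLICY`; a forged or mismatched capability fails the HMAC comparison, and a request that the application-level constraint rejected never obtains a capability in the first place.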
