Software Architectural Design Meets Security Engineering

Security requirements strongly influence the architectural design of complex IT systems, much as other non-functional requirements do. Both security engineering and software engineering provide methods for dealing with such requirements, yet a critical gap remains when it comes to integrating the methods of these two fields. In this paper we close this gap for security requirements by proposing a method that combines software engineering approaches with state-of-the-art security engineering principles. The method establishes an explicit alignment between the non-functional goal, the principles of security engineering, and the implementation of a security architecture. It aims at designing a system's security architecture around a small, precisely defined, application-specific trusted computing base. We illustrate the method with a case study of distributed enterprise resource planning systems that use web services to implement business processes across company boundaries.
