A Hierarchical Security Assessment Model for Object-Oriented Programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which 'classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as 'assigning the least privilege' and 'reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java byte code.
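As an added illustration, not the paper's code or its published metric definitions, the following Python sketch shows the shape of such a hierarchy: class-level readability and writability of classified attributes are rolled up into a program-wide security index, and two constructed versions of the same small program are compared. The accessibility levels, the aggregation formula and the sample classes are all assumptions made for the example.

```python
# Constructed structural model of a program (illustrative definitions, not the
# paper's own). A class records each classified attribute's accessibility and,
# per method, the method's accessibility and the classified attributes it reads
# or writes; non-classified members are omitted as they do not affect the metrics.
def method(access, reads=(), writes=()):
    return {"access": access, "reads": set(reads), "writes": set(writes)}

def exposed(access):
    """Anything not private is reachable from some other class."""
    assert access in ("public", "protected", "package", "private")
    return access != "private"

def classified_flows(c):
    """Class level: classified attributes another object could read or write,
    directly (non-private field) or through an exposed method."""
    secret = set(c["classified"])
    readable = {a for a, acc in c["classified"].items() if exposed(acc)}
    writable = set(readable)
    for m in c["methods"]:
        if exposed(m["access"]):
            readable |= m["reads"] & secret
            writable |= m["writes"] & secret
    return secret, readable, writable

def security_index(classes):
    """Program level: fraction of classified attributes readable/writable from
    outside their class, and a single index in [0, 1] (1 = none reachable)."""
    total = readable = writable = 0
    for c in classes:
        s, r, w = classified_flows(c)
        total, readable, writable = total + len(s), readable + len(r), writable + len(w)
    if total == 0:
        return {"readability": 0.0, "writability": 0.0, "index": 1.0}
    rd, wr = readable / total, writable / total
    return {"readability": round(rd, 3), "writability": round(wr, 3),
            "index": round(1 - (rd + wr) / 2, 3)}

# Constructed sample: two versions of the same small program, the second after
# hiding Config.apiKey behind a getter and making Account.authenticate private.
ACCOUNT_V1 = {"classified": {"pin": "private", "balance": "private"},
              "methods": [method("public", reads={"balance"}),    # getBalance
                          method("package", reads={"pin"}),       # authenticate
                          method("private", writes={"pin"}),      # setPin
                          method("public", writes={"balance"})]}  # deposit
CONFIG_V1 = {"classified": {"apiKey": "public"}, "methods": []}
PROGRAM_V1 = [ACCOUNT_V1, CONFIG_V1]

ACCOUNT_V2 = dict(ACCOUNT_V1, methods=ACCOUNT_V1["methods"][:1]
                  + [method("private", reads={"pin"})] + ACCOUNT_V1["methods"][2:])
CONFIG_V2 = {"classified": {"apiKey": "private"},
             "methods": [method("package", reads={"apiKey"})]}  # getApiKey
PROGRAM_V2 = [ACCOUNT_V2, CONFIG_V2]
```

Comparing `security_index(PROGRAM_V1)` with `security_index(PROGRAM_V2)` gives the kind of version-to-version comparison the abstract describes; a real tool would derive the same class-level facts from byte code rather than from hand-written dictionaries.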
