A Generic Model for Assessing Multilevel Security-Critical Object-Oriented Programs

Abstract

The most promising approach for developing secure systems is one that allows software developers to assess and compare the relative security of their programs based on their designs. Software metrics provide an easy way to evaluate the security of certain object-oriented designs. They can also measure the impact on security caused by modifications to existing programs. However, most studies in this area focus on a binary classification of data, in which data is either classified or unclassified. In fact, there are other models with other classifications of data, for instance the common model used by Defense departments, which classifies data into four security levels. These various classifications have received little attention in terms of measuring their effect. This paper introduces a model for measuring the information flow of security-critical data within a given object-oriented program that has a multilevel classification of its security-critical data. It defines a set of object-oriented security metrics capable of assessing the security of a given program’s design from the point of view of potential information flow. These metrics can be used to compare the security of programs or to assess the effect of program modifications on security. Specifically, this paper proposes a generic model consisting of several security metrics that measure the relative security of object-oriented designs with respect to the design quality properties of accessibility, cohesion, coupling, and design size.

Authors and Affiliations

Bandar M. Alshammari

  • DOI 10.14569/IJACSA.2016.071154

How To Cite

Bandar M. Alshammari (2016). A Generic Model for Assessing Multilevel Security-Critical Object-Oriented Programs. International Journal of Advanced Computer Science & Applications, 7(11), 419-427. https://europub.co.uk/articles/-A-397095