Achieving Security Assurance with Assertion-based Application Construction
Journal Title: EAI Endorsed Transactions on Collaborative Computing - Year 2015, Vol 1, Issue 6
Abstract
Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs), which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements, since otherwise unexpected flaws and vulnerabilities may occur. Often, such APIs may lack sufficient specification details, or may implement a semantically different version of the security model they are meant to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.
Authors and Affiliations
Carlos E. Rubio-Medrano, Gail-Joon Ahn, Karsten Sohr