TY - GEN
T1 - An approach to model-based development of secure and reliable systems
AU - Fernandez, Eduardo B.
AU - Washizaki, Hironori
AU - Yoshioka, Nobukazu
AU - VanHilst, Michael
PY - 2011
Y1 - 2011
N2 - A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.
AB - A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system.
UR - http://www.scopus.com/inward/record.url?scp=80455140427&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80455140427&partnerID=8YFLogxK
U2 - 10.1109/ARES.2011.45
DO - 10.1109/ARES.2011.45
M3 - Conference contribution
AN - SCOPUS:80455140427
SN - 9780769544854
T3 - Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
SP - 260
EP - 265
BT - Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
T2 - 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
Y2 - 22 August 2011 through 26 August 2011
ER -