Model Driven Security Engineering for the Realization of Dynamic Security Requirements in Collaborative Systems

2007 ◽  
pp. 278-287 ◽  
Author(s):  
Muhammad Alam
Keyword(s):  
Security Requirements ◽  
Collaborative Systems ◽  
Security Engineering ◽  
Model Driven ◽  
Dynamic Security

scholarly journals A Method for Model-Driven Information Flow Security

2012 ◽  
pp. 199-229 ◽  
Author(s):  
Fredrik Seehusen ◽  
Ketil Stølen
Keyword(s):  
Software Development ◽  
Information Flow ◽  
System Architecture ◽  
Security Requirements ◽  
State Machines ◽  
Flow Properties ◽  
Information Flow Security ◽  
Software Developer ◽  
Model Driven ◽  
Secure Information

We present a method for software development in which information flow security is taken into consideration from start to finish. Initially, the user of the method (i.e., a software developer) specifies the system architecture and selects a set of security requirements (in the form of secure information flow properties) that the system must adhere to. The user then specifies each component of the system architecture using UML inspired state machines, and refines/transforms these (abstract) state machines into concrete state machines. It is shown that if the abstract specification adheres to the security requirements, then so does the concrete one provided that certain conditions are satisfied.

Cloud Security Engineering Concept and Vision

2018 ◽  
pp. 93-101 ◽  
Author(s):  
Shadi Aljawarneh
Keyword(s):  
Cloud Security ◽  
Research Community ◽  
Security Requirements ◽  
Software System ◽  
Security Engineering ◽  
Security Issues ◽  
Requirements Specifications ◽  
Evolutionary Changes ◽  
World Environment ◽  
Engineering Concept

The research community found that a software system should be evolved once every few months to ensure it is adapted to the real-world environment. The system evolution requires regularly amendments that append, delete, or alter features. It also migrates or converts the software system from one operating platform to another. These amendments may result in requirements/ specifications that were satisfied in a previous release of a software system not being satisfied in the subsequent versions. As a result, software evolutionary changes violate security requirements, and then a system may become vulnerable to different kinds of attacks. In this paper, concepts and visions are presented to avoid/minimize the Cloud security issues.

An MDA Compliant Approach for Designing Secure Data Warehouses

2009 ◽  
pp. 495-503
Author(s):  
Rodolfo Villarroel ◽  
Eduardo Fernández-Medina ◽  
Juan Trujillo ◽  
Mario Piattini
Keyword(s):  
Real World ◽  
Conceptual Modeling ◽  
Security Requirements ◽  
Data Warehouses ◽  
Model Driven ◽  
Secure Data ◽  
Security Information ◽  
Target Platform ◽  
Compliant Approach ◽  
User Security

This chapter presents an approach for designing secure Data Warehouses (DWs) that accomplish the conceptual modeling of secure DWs independently from the target platform where the DW has to be implemented, because our complete approach follows the Model Driven Architecture (MDA) and the Model Driven Security (MDS). In most of real world DW projects, the security aspects are issues that usually rely on the DBMS administrators. We argue that the design of these security aspects should be considered together with the conceptual modeling of DWs from the early stages of a DW project, and being able to attach user security information to the basic structures of a Multidimensional (MD) model. In this way, we would be able to generate this information in a semi or automatic way into a target platform and the final DW will better suits the user security requirements.

An MDA Compliant Approach for Designing Secure Data Warehouses

2011 ◽  
pp. 261-272
Author(s):  
Villarroel Rodolfo ◽  
Fernández-Medina Eduardo ◽  
Trujillo Juan ◽  
Piattini Mario
Keyword(s):  
Real World ◽  
Conceptual Modeling ◽  
Security Requirements ◽  
Data Warehouses ◽  
Model Driven ◽  
Secure Data ◽  
Security Information ◽  
Target Platform ◽  
Compliant Approach ◽  
User Security

This chapter presents an approach for designing secure Data Warehouses (DWs) that accomplish the conceptual modeling of secure DWs independently from the target platform where the DW has to be implemented, because our complete approach follows the Model Driven Architecture (MDA) and the Model Driven Security (MDS). In most of real world DW projects, the security aspects are issues that usually rely on the DBMS administrators. We argue that the design of these security aspects should be considered together with the conceptual modeling of DWs from the early stages of a DW project, and being able to attach user security information to the basic structures of a Multidimensional (MD) model. In this way, we would be able to generate this information in a semi or automatic way into a target platform and the final DW will better suits the user security requirements.

scholarly journals QoSS Hierarchical NoC-Based Architecture for MPSoC Dynamic Protection

2012 ◽  
Vol 2012 ◽  
pp. 1-10 ◽  
Author(s):  
Johanna Sepulveda ◽  
Ricardo Pires ◽  
Guy Gogniat ◽  
Wang Jiang Chau ◽  
Marius Strum
Keyword(s):  
Critical Role ◽  
Security Requirements ◽  
Multiprocessor System ◽  
Electronic Systems ◽  
Fast Detection ◽  
Dynamic Security ◽  
Wide System ◽  
Wide Range ◽  
On Chip ◽  
Novel Concept

As electronic systems are pervading our lives, MPSoC (multiprocessor system-on-chip) security is becoming an important requirement. MPSoCs are able to support multiple applications on the same chip. The challenge is to provide MPSoC security that makes possible a trustworthy system that meets the performance and security requirements of all the applications. The network-on-chip (NoC) can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (quality of security service) to overcome present MPSoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. QoSS takes advantage of the NoC wide system visibility and critical role in enabling system operation, exploiting the NoC components to detect and prevent a wide range of attacks. In this paper, we present the implementation of a layered dynamic security NoC architecture that integrates agile and dynamic security firewalls in order to detect attacks based on different security rules. We evaluate the effectiveness of our approach over several MPSoCs scenarios and estimate their impact on the overall performance. We show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of different security policies for several MPSoC applications.

Adaptable, model-driven security engineering for SaaS cloud-based applications

2013 ◽  
Vol 21 (2) ◽  
pp. 187-224 ◽  
Author(s):  
Mohamed Almorsy ◽  
John Grundy ◽  
Amani S. Ibrahim
Keyword(s):  
Security Engineering ◽  
Model Driven ◽  
Saas Cloud
Sign in / Sign up

Export Citation Format

Share Document