Composition of least privilege analysis results in software architectures
Publication Type
Conference Paper
Publication Date
2011-05
Language
English
Start Page
29
End Page
35
Citation
Proceedings - International Conference on Software Engineering: 29-35 (2011-06-29)
Publisher
ACM
Security principles are often neglected by software architects, due to the lack of precise definitions. This results in potentially high-risk threats to systems. Our own previous work tackled this by introducing formal foundations for the least privilege (LP) principle in software architectures and providing a technique to identify violations of this principle. This work shows that this technique can scale by composing the results obtained from the analysis of the sub-parts of a larger system. The technique decomposes the system into independently described subsystems and a description listing the interactions between these subsystems. These descriptions are then analyzed to obtain LP violations and subsequently composed to obtain the violations of the overall system.
Keywords
Least privilege
Security analysis
Software architecture
DDC Class
004: Computer science