TUHH Open Research
Hilfe
  • Log In
    or
    New user? Click here to register.Have you forgotten your password?
  • English
  • Deutsch
  • Communities & Collections
  • Publications
  • Research Data
  • People
  • Institutions
  • Projects
  • Statistics
  1. Home
  2. TUHH
  3. Publications without fulltext
  4. Least privilege analysis in software architectures
 
Options

Least privilege analysis in software architectures

Publikationstyp
Journal Article
Publikationsdatum
2011-11-09
Sprache
English
Author
Buyens, Koen 
Scandariato, Riccardo 
Joosen, Wouter 
TORE-URI
http://hdl.handle.net/11420/14956
Enthalten in
Software and systems modeling 
Volume
12
Issue
2
Start Page
331
End Page
348
Citation
Software and Systems Modeling 12 (2): 331-348 (2013-05-01)
Publisher DOI
10.1007/s10270-011-0218-8
Scopus ID
2-s2.0-84878176784
Publisher
Springer
Due to the lack of both precise definitions and effective software engineering methodologies, security design principles are often neglected by software architects, resulting in potentially high-risk threats to systems. This work lays the formal foundations for understanding the security design principle of least privilege in software architectures and provides a technique to identify violations against this principle. The technique can also be leveraged to analyze violations against the security design principle of separation of duties. The proposed approach is supported by tools and has been validated in four case studies, two of which are presented in detail in this paper.
Schlagworte
Least privilege
Security analysis
Software architecture
DDC Class
004: Informatik
TUHH
Weiterführende Links
  • Contact
  • Send Feedback
  • Cookie settings
  • Privacy policy
  • Impress
DSpace Software

Built with DSpace-CRIS software - Extension maintained and optimized by 4Science
Design by effective webwork GmbH

  • Deutsche NationalbibliothekDeutsche Nationalbibliothek
  • ORCiD Member OrganizationORCiD Member Organization
  • DataCiteDataCite
  • Re3DataRe3Data
  • OpenDOAROpenDOAR
  • OpenAireOpenAire
  • BASE Bielefeld Academic Search EngineBASE Bielefeld Academic Search Engine
Feedback