Automated detection of least privilege violations in software architectures

Scandariato, Riccardo; Buyens, Koen; Joosen, Wouter

Automated detection of least privilege violations in software architectures

Publikationstyp

Conference Paper

Date Issued

2010-08

Sprache

English

Author(s)

Scandariato, Riccardo

Buyens, Koen

Joosen, Wouter

TORE-URI

http://hdl.handle.net/11420/14985

First published in

Lecture notes in computer science

Number in series

6285 LNCS

Start Page

150

End Page

165

Citation

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 6285 LNCS: 150-165 (2010-11-05)

Contribution to Conference

4th European Conference on Software Architecture, ECSA 2010

Publisher DOI

10.1007/978-3-642-15114-9_13

Scopus ID

2-s2.0-78049333494

Publisher

Springer

Due to the lack of both precise definitions and effective software engineering methodologies, security principles are often neglected by software architects, resulting in potentially high-risk threats to the systems. This work lays the formal foundations for the understanding of the least privilege (LP) principle in software architectures and provides a technique to identify LP violations. The proposed approach is supported by tools and has been validated in four case studies, one of which is presented in detail in this paper.

Subjects

Architectural analysis

Least privilege

Security

DDC Class

004: Informatik

Options

Automated detection of least privilege violations in software architectures