Enforcing Conformance between Security Architecture and Implementation
 

Summary: Enforcing Conformance between Security Architecture and Implementation
Marwan Abi-Antoun, Jeffrey M. Barnes
April 2009
CMU-ISR-09-113
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
Abstract
Analysis at the level of a runtime architecture matches the way experts reason about security or privacy
better than a purely code-based strategy. However, the architecture must still be correctly realized in the
implementation.
We previously developed Scholia to analyze, at compile time, communication integrity between arbitrary
object-oriented code, and a rich, hierarchical intended runtime architecture, using typecheckable annotations.
This paper applies Scholia to security runtime architectures. Having established traceability between the
target architecture and the code, we extend Scholia to enforce structural architectural constraints. At the
code level, annotations enforce local, modular constraints. At the architectural level, predicates enforce global
constraints. We validate the end-to-end approach in practice using a real 3,000-line Java implementation,
and enforce its conformance to a security architecture designed by an expert.
Abi-Antoun was supported in part by DARPA grant #HR00110710019, NSF grant CCF-0546550, and Army

  

Source: Abi-Antoun, Marwan - Department of Computer Science, Wayne State University
MacDonald, Lee - Department of Forest, Rangeland, and Watershed Stewardship, Colorado State University

 

Collections: Computer Technologies and Information Sciences; Environmental Sciences and Ecology