Enforcing Conformance between Security Architecture and Implementation

Summary: Enforcing Conformance between Security Architecture and Implementation
Marwan Abi-Antoun, Jeffrey M. Barnes
April 2009
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
Analysis at the level of a runtime architecture matches the way experts reason about security or privacy
better than a purely code-based strategy. However, the architecture must still be correctly realized in the
We previously developed Scholia to analyze, at compile time, communication integrity between arbitrary
object-oriented code, and a rich, hierarchical intended runtime architecture, using typecheckable annotations.
This paper applies Scholia to security runtime architectures. Having established traceability between the
target architecture and the code, we extend Scholia to enforce structural architectural constraints. At the
code level, annotations enforce local, modular constraints. At the architectural level, predicates enforce global
constraints. We validate the end-to-end approach in practice using a real 3,000-line Java implementation,
and enforce its conformance to a security architecture designed by an expert.
Abi-Antoun was supported in part by DARPA grant #HR00110710019, NSF grant CCF-0546550, and Army


Source: Abi-Antoun, Marwan - Department of Computer Science, Wayne State University
MacDonald, Lee - Department of Forest, Rangeland, and Watershed Stewardship, Colorado State University


Collections: Computer Technologies and Information Sciences; Environmental Sciences and Ecology