Summary: STRIDE-based security model in Acme
Jerey M. Barnes
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
Department of Computer Science, Wayne State University
Institute for Software Research, Carnegie Mellon University
In earlier work, Abi-Antoun, Wang and Torr dened a model for reasoning about security at the architectural-
level, following the STRIDE methodology, which looks for vulnerabilities in the areas of Spoong, Tampering,
Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege.
The previous security model and checker were implemented using custom code. We now formalize the same
model using ADL support for architectural types and properties, and dene the checks as logic predicates.
Using an ADL gives the benet of having a declarative model, with less room for error compared to custom
code. Moreover, with such a model, power users can more easily add properties and predicates to extend or
customize the security analysis.