Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

STRIDE-based security model in Acme Marwan Abi-Antoun

Summary: STRIDE-based security model in Acme
Marwan Abi-Antoun
Jerey M. Barnes
January 2010
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213

Department of Computer Science, Wayne State University
Institute for Software Research, Carnegie Mellon University
In earlier work, Abi-Antoun, Wang and Torr dened a model for reasoning about security at the architectural-
level, following the STRIDE methodology, which looks for vulnerabilities in the areas of Spoong, Tampering,
Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege.
The previous security model and checker were implemented using custom code. We now formalize the same
model using ADL support for architectural types and properties, and dene the checks as logic predicates.
Using an ADL gives the benet of having a declarative model, with less room for error compared to custom
code. Moreover, with such a model, power users can more easily add properties and predicates to extend or
customize the security analysis.


Source: Abi-Antoun, Marwan - Department of Computer Science, Wayne State University
Carnegie Mellon University, School of Computer Science


Collections: Computer Technologies and Information Sciences