• DocumentCode
    1825651
  • Title

    Availability enforcement by obligations and aspects identification

  • Author

    Cuppens, Frédéric ; Cuppens-Boulahia, Nora ; Ramard, Tony

  • Author_Institution
    GET/ENST Bretagne, Cesson Sevigne, France
  • fYear
    2006
  • fDate
    20-22 April 2006
  • Abstract
    Information systems are more and more victim of denial of service attacks. Thus, availability is a critical property which is more and more difficult to achieve. In this paper, we devise a new approach to design programs that enforce availability requirements. This approach is based on a formal security model called Nomad which combines deontic and temporal logics. We show how to use this model to specify availability requirements. Our proposal is then based on aspect programming. For this purpose, availability requirements expressed in the Nomad model are transformed into availability aspects. Using aspect programming languages such as AspectJ, we can then weave these availability aspects to transform an insecure program into a secure one.
  • Keywords
    formal specification; object-oriented programming; security of data; temporal logic; AspectJ; Nomad model; aspect programming; availability requirement; denial of service attack; formal security model; information system; temporal logic; Availability; Buffer overflow; Computer crashes; Computer crime; Floods; Information security; Information systems; Logic programming; Protection; Web server; Availability; aspects; obligation; temporized actions;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2006. ARES 2006. The First International Conference on
  • Print_ISBN
    0-7695-2567-9
  • Type

    conf

  • DOI
    10.1109/ARES.2006.36
  • Filename
    1625315