• DocumentCode
    1922132
  • Title

    Identifying and Resolving Least Privilege Violations in Software Architectures

  • Author

    Buyens, Koen ; Win, Bart De ; Joosen, Wouter

  • Author_Institution
    IBBT-Distrinet Katholieke Univ. Leuven, Leuven
  • fYear
    2009
  • fDate
    16-19 March 2009
  • Firstpage
    232
  • Lastpage
    239
  • Abstract
    Security principles, like least privilege, are among the resources in the security body of knowledge that survived the test of time. The implementation of these principles in a software architecture is difficult, as there are no systematic rules on how to apply them in practice. As a result, they are often neglected, which lowers the overall security level of the software system and increases the cost necessary to fix this later in the development life-cycle. This paper improves the support for least privilege in software architectures by (i) defining the foundations to identify potential violations of the principle herein and (ii) elicitating architectural transformations that positively impact the security properties of the architecture, while preserving the semantics thereof. These results have been implemented and validated in a number of case studies.
  • Keywords
    security of data; software architecture; least privilege violation; software architecture; software system; Availability; Computer architecture; Costs; Permission; Programming; Security; Software algorithms; Software architecture; Software systems; Software testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2009. ARES '09. International Conference on
  • Conference_Location
    Fukuoka
  • Print_ISBN
    978-1-4244-3572-2
  • Electronic_ISBN
    978-0-7695-3564-7
  • Type

    conf

  • DOI
    10.1109/ARES.2009.48
  • Filename
    5066478
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1922132