Using Multi-Level Security Annotations to Improve Software Assurance

Author

Kylikowski, Eryk ; Scandariato, Riccardo ; Joosen, Wouter

Author_Institution

Dept. of Comput. Sci., K.U.Leuven, Leuven

fYear

2008

fDate

3-5 Dec. 2008

Firstpage

471

Lastpage

474

Abstract

Current annotation technologies suffer from poor coverage over the development process phases, limited support for the broad scope of the security requirement types and inadequate interconnection between different process phases. In this paper, we introduce the concept of multi-level security annotation for software artifacts, which addresses these problems. Multi-level security annotations are traceable trough the development phases to provide a light-weight, user-friendly alternative to full-fledged assurance methodologies and simplify the system evolution over time with respect to security.

Keywords

software engineering; multi-level security annotations; software artifacts; software assurance; Access control; Authentication; Authorization; Computer science; Computer security; Filling; Information security; Programming; Space technology; Systems engineering and theory;

fLanguage

English

Publisher

ieee

Conference_Titel

High Assurance Systems Engineering Symposium, 2008. HASE 2008. 11th IEEE

Conference_Location

Nanjing

ISSN

1530-2059

Print_ISBN

978-0-7695-3482-4

Type

conf

DOI

10.1109/HASE.2008.60

Filename

4708909

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1836503