Title :
Resolving least privilege violations in software architectures
Author :
Buyens, Koen ; Win, Bart De ; Joosen, Wouter
Author_Institution :
IBBT-Distrinet
Abstract :
Supporting a security principle, such as least privilege, in a software architecture is difficult. Systematic rules are lacking, no guidance explains how to apply the principle in practice. As a result, security principles are often neglected. This lowers the overall security level of the software system and the cost of fixing such problems later on in the development cycle is high. We propose an improvement in supporting least privilege in software architectures. We have identified architectural transformations that reduce violations to the principle of least privilege. These transformations have been implemented. We have applied the solution on a case study.
Keywords :
security of data; software architecture; least privilege violations; security principle; software architectures; Computer architecture; Concrete; Conferences; Costs; Information security; Permission; Process control; Programming; Software architecture; Software systems;
Conference_Titel :
Software Engineering for Secure Systems, 2009. SESS '09. ICSE Workshop on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-3725-2
DOI :
10.1109/IWSESS.2009.5068453
