Title :
Model Checking Security Pattern Compositions
Author :
Dong, Jing ; Peng, Tu ; Zhao, Yajing
Author_Institution :
Univ. of Texas at Dallas Richardson, Dallas
Abstract :
Security patterns capture best practice on secure software design and development. They document typical solutions to security problems. To ensure security, large software system design may apply many security patterns to solve different problems. Although each security pattern describes a good design guideline, the compositions of these security patterns may not be consistent and encounter problems and flaws. In this paper, we present an approach to model checking the compositions of security patterns. In this way, the properties of the security patterns can be checked by a model checker when they are composed. Composition errors and problems can be discovered early in the design stage. We also use a case study to illustrate our approach and show the detection of several errors.
Keywords :
program verification; security of data; software engineering; model checking; secure software design; secure software development; security pattern compositions; Algorithm design and analysis; Communication system security; Computer science; Computer security; Error correction; Logic; Pattern analysis; Software design; Software quality; Software systems;
Conference_Titel :
Quality Software, 2007. QSIC '07. Seventh International Conference on
Conference_Location :
Portland, OR
Print_ISBN :
978-0-7695-3035-2
DOI :
10.1109/QSIC.2007.4385483
