Title :
Secure software architectures
Author :
Moriconi, Mark ; Qian, Xiaolei ; Riemenschneider, R.A. ; Gong, Li
Author_Institution :
Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA
Abstract :
The computer industry is increasingly dependent on open architectural standards for their competitive success. This paper describes a new approach to secure system design in which the various representations of the architecture of a software system are described formally and the desired security properties of the system are proven to hold at the architectural level. The main ideas are illustrated by means of the X/Open distributed transaction processing reference architecture, which is formalized and extended for secure access control as defined by the Bell-LaPadula model. The extension allows vendors to develop individual components independently and with minimal concern about security. Two important observations were gleaned on the implications of incorporating security into software architectures
Keywords :
DP industry; authorisation; distributed processing; open systems; security of data; software engineering; transaction processing; Bell-LaPadula model; X/Open distributed transaction processing reference architecture; competitive success; computer industry; formal methods; open architectural standards; secure access control; secure software architectures; secure system design; security properties; Access control; Computer architecture; Computer industry; Computer science; Desktop publishing; Laboratories; Resource management; Security; Software architecture; Software systems;
Conference_Titel :
Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-7828-3
DOI :
10.1109/SECPRI.1997.601320
