Specifying Security Goals of Component Based Systems: An End-User Perspective
Author | Khan, Khaled M. |
Author | Han, Jun |
Available date | 2009-12-28T07:05:00Z |
Publication Date | 2008-02-25 |
Publication Name | Seventh International Conference on Composition-Based Software Systems 2008 |
Citation | Khan, K.M.; Han, J., "Specifying Security Goals of Component Based Systems: An End-User Perspective," Composition-Based Software Systems, 2008. ICCBSS 2008. Seventh International Conference on , vol., no., pp.101-109, 25-29 Feb. 2008 |
Abstract | This paper treats security from a software engineering point of view. Security issues of software components are usually handled at the two levels of development abstractions: by the security experts during the component design, and by the software engineers during the composition of an application system. Security experts identify the threats of the component, define the security policies and functions. On the other hand, the software engineers are more interested in the compositional impact and conformity of the security properties designed and implemented by the security experts. This paper identifies a third level of abstraction: security from the end-users' perspective. This paper argues that the end-users of the system should know the specific security objectives actually achieved at the system-level. This paper makes the following three specific contributions in this regard: (i) a need for a separate view of security at the end-user level; (ii) the formulation of security goals; (iii) the derivation of security goals for automatic processing. |
Language | en |
Publisher | IEEE |
Subject | software service software composition security properties security goals end users perpective |
Type | Conference Paper |
Files in this item
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this item. |
This item appears in the following Collection(s)
-
Computer Science & Engineering [2402 items ]