A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components

Canberra, Australia August 27-August 28

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ASWEC.2001.948505

13th Australian Software Engineering ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Khaled Khan Articles by Jun Han Articles by Yuliang Zheng

	ASCII Text	x
	Khaled Khan, Jun Han, Yuliang Zheng, "A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components," Australian Software Engineering Conference, pp. 0117, 13th Australian Software Engineering Conference (ASWEC'01), 2001.

	BibTex	x
	@article{ 10.1109/ASWEC.2001.948505, author = {Khaled Khan and Jun Han and Yuliang Zheng}, title = {A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components}, journal ={Australian Software Engineering Conference}, volume = {0}, year = {2001}, isbn = {0-7695-1254-2}, pages = {0117}, doi = {http://doi.ieeecomputersociety.org/10.1109/ASWEC.2001.948505}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Australian Software Engineering Conference TI - A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components SN - 0-7695-1254-2 SP EP A1 - Khaled Khan, A1 - Jun Han, A1 - Yuliang Zheng, PY - 2001 VL - 0 JA - Australian Software Engineering Conference ER -

Khaled Khan, University of Western Sydney

Jun Han, Monash University

Yuliang Zheng, Monash University

Abstract: This paper presents a framework for constructing compositional security contracts (CsC) based on the security property exposed by the atomic component. The framework uses interface structure of components in order to determine the CsC of software components. An active interface provides the component a basis for reasoning and assessing a component's suitability to meet certain security requirements of a particular application. Based on the security information available from the component interface, an active interface can reason whether the candidate component meets the security requirements for an envisaged systemwide application. Any security mismatches or discrepancies between components can be identified by the participating components before an actual composition takes place. Exposing the security properties of software components can be the basis for a trust relationship among components, and the exposed security could affect the underlying security of the enclosing system.

Citation:

Khaled Khan, Jun Han, Yuliang Zheng, "A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components," aswec, pp.0117, 13th Australian Software Engineering Conference (ASWEC'01), 2001

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.