Cookie Settings

Cookies are small text files that your web browser uses to save your so-called session. We use technically necessary cookies to be able to offer a comfortable booking process. In addition, you can help us to continuously optimize the booking portal by agreeing to our analytics cookies:

Allow Cookies

Disallow Cookies

View my cookie settings

De En Es
Customer Support/Contact

Cuvillier Verlag

Publications, Dissertations, Habilitations & Brochures.
International Specialist Publishing House for Science and Economy

Cuvillier Verlag

De En Es
Departments
Book Series (90)
1260
Humanities
2246
Natural Sciences
5309
Mathematics 223
Informatics 310
Physics 971
Chemistry 1346
Geosciences 130
Human medicine 241
Stomatology 10
Veterinary medicine 98
Pharmacy 147
Biology 812
Biochemistry, molecular biology, gene technology 114
Biophysics 25
Domestic and nutritional science 44
Agricultural science 992
Forest science 202
Horticultural science 18
Environmental research, ecology and landscape conservation 145
Engineering
1713
Common
91
Leitlinien Unfallchirurgie
5. Auflage bestellen
Advanced Search
Aspect-oriented Security Engineering

Hard Copy
EUR 59.90

E-book
EUR 41.90

Aspect-oriented Security Engineering (English shop)

A Model-based Approach

Peter Amthor (Author)

Preview

Extract, PDF (600 KB)
Table of Contents, PDF (540 KB)

ISBN-13 (Hard Copy) 9783736999800
ISBN-13 (eBook) 9783736989801
Language English
Page Number 260
Lamination of Cover matt
Edition 1.
Publication Place Göttingen
Place of Dissertation Ilmenau
Publication Date 2019-03-05
General Categorization Dissertation
Departments Informatics
Keywords Information Security, Computer Security, System Security, System Design, Software Engineering, Security Engineering, Security Policy, Security Model, Security Property, Security Analysis, Access Control, Role-based Access Control, RBAC, Attribute-based Access Control, ABAC, Aspect-oriented Engineering, Non-functional Property, Formal Methods, Entity Labeling, Model-based Design, Model Engineering, Model Analysis, Model Core, Dynamic Property, Safety, Heuristic Analysis, Operating System, Middleware, Linux, SELinux
URL to External Homepage https://www.tu-ilmenau.de/vsbs/
Description

Engineering secure systems is an error-prone process, where any decision margin potentially favors critical implementation faults. To this end, formal security models serve as an abstract basis for verifying security properties. Unfortunately, the potential for human error in engineering and analyzing such models is still considerable.
This work seeks to mitigate this problem. We identified semantic gaps between security requirements, informal security policies, and security models as a major source of error. Our goal is then based on this observation: to support error-minimizing design decisions by bridging such gaps. Due to the broad range of security-critical application domains, no single modeling framework may achieve this. We therefore adopt the idea of aspect-oriented software development to tailor the formal part of a security engineering process towards security requirements of the system.
Our method, termed aspect-oriented security engineering, is based on the idea of keeping each step in this process well-defined, small, and monotonic in terms of the degree of formalism. Our practical results focus on two use cases: first, model engineering for operating systems and middleware security policies; second, model analysis of runtime properties related to potential privilege escalation. We eventually combine both use cases to present a model-based reengineering approach for the access control system of Security-Enhanced Linux (SELinux).