Design of Secure Software Architectures with Secure Connectors

Abstract: This paper describes the design of secure connectors that are used in the design of secure software architectures for distributed business applications. Mixing security concerns with business concerns in software architectures makes applications more complex. With the goal of making secure software architectures more maintainable and evolvable, the secure connectors proposed in this paper are designed separately from business application components by considering different communication patterns between the co… Show more

“…In later work by a coauthor in [8], an approach is described for modeling the evolution of a non-secure application to a secure application in terms of the requirements and software architecture. The recent work by coauthors in [9,10] proposes the design of reusable secure connectors using a component-based approach in which reusable secure connectors are structured into reusable security components and communication components.…”

“…Several approaches [3,4,5,6,7,8,9,10] have been developed to make applications secure in software development. Most of the approaches have focused on specifying and designing applications using security services in order to build secure applications.…”

“…Security requirements are specified with Unified Modeling Language (UML) [11,12] and its extended notation [3,4], separately from application requirements [7]. Secure software architecture is designed by means of secure connectors [8,9,10,13] that encapsulate security services. However, less attention has been paid to the tolerance of broken security services.…”

Analysis of Security-Failure Tolerant Requirements

“…In later work by a coauthor in [8], an approach is described for modeling the evolution of a non-secure application to a secure application in terms of the requirements and software architecture. The recent work by coauthors in [9,10] proposes the design of reusable secure connectors using a component-based approach in which reusable secure connectors are structured into reusable security components and communication components.…”

“…Several approaches [3,4,5,6,7,8,9,10] have been developed to make applications secure in software development. Most of the approaches have focused on specifying and designing applications using security services in order to build secure applications.…”

“…Security requirements are specified with Unified Modeling Language (UML) [11,12] and its extended notation [3,4], separately from application requirements [7]. Secure software architecture is designed by means of secure connectors [8,9,10,13] that encapsulate security services. However, less attention has been paid to the tolerance of broken security services.…”

Analysis of Security-Failure Tolerant Requirements

“…Several approaches [7,8,9,10,11] were developed to make applications secure in software development. Most of the approaches have focused on specifying and designing applications with security services in order to make applications secure.…”

“…Security requirements are specified with Unified Modeling Language (UML) [1] and its extended notation [7,8], separately from application requirements [10]. Secure software architecture is designed using secure connectors [11] that encapsulate security services. However, less attention has been paid to the tolerance of broken security services in terms of security requirements for secure applications.…”

Security Requirements for Tolerating Security Failures

A Software Product Line Approach to Design Secure Connectors in Component-Based Software Architectures