MDSE@R: Model-Driven Security Engineering at Runtime

Almorsy, Mohamed; Grundy, John; Ibrahim, Amani S.

doi:10.1007/978-3-642-35362-8_22

Cited by 16 publications

(3 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…During runtime, enforcement of policies such as described by MDSE@R [22] becomes important. Although runtime is not in the scope of this work, we can exploit our iObserve approach [23] in order to update design time models by observations during runtime to make use of the analysis proposed in this paper based on architectural runtime models.…”

Section: State Of the Artmentioning

confidence: 99%

Data-Driven Software Architecture for Analyzing Confidentiality

Seifermann

Heinrich

Reussner

2019

2019 IEEE International Conference on Software Architecture (ICSA)

View full text Add to dashboard Cite

Preservation of confidentiality has become a crucial quality property of software systems that software vendors have to consider in each development phase. Especially, neglecting confidentiality constraints in the software architecture leads to severe issues in later phases that often are hard to correct. In contrast to the implementation phase, there is no support for systematically considering confidentiality in architectural design phases by means of data processing descriptions. To fill this gap, we introduce data flows in an architectural description language to enable simple definition of confidentiality constraints. Afterwards, we transform the software architecture specification to a logic program to find violated confidentiality constraints. In a case study-based evaluation, we apply the analysis to sixteen scenarios to show the accuracy of the approach.

show abstract

Section: State Of the Artmentioning

confidence: 99%

Data-Driven Software Architecture for Analyzing Confidentiality

Seifermann

Heinrich

Reussner

2019

2019 IEEE International Conference on Software Architecture (ICSA)

View full text Add to dashboard Cite

show abstract

“…In addition, they don't treat the problem of the encryption of the association between multidimensional concepts. References [7,8] presented an adaptable security and model-based security, but authors don't deal with the problem of how to secure a CDW. In addition, the problem of how to adapt the security solution of CDW when the cloud server provider is changed is not treated.…”

Section: Discussionmentioning

confidence: 99%

“…Similar to our approach, in [7,8], the authors presented a model-driven security engineering approach for multi-tenant SaaS applications. This approach is based on externalizing security from the underlying SaaS application, which allows both service and security to evolve at runtime.…”

Section: B Adaptive Securitymentioning

confidence: 90%

Adaptive security for Cloud data warehouse as a service

Guermazi

Ayed

Ben-Abdallah

2015

2015 IEEE/ACIS 14th International Conference on Computer and Information Science (ICIS)

View full text Add to dashboard Cite

The growing interest in cloud-based data warehousing is driven by the high return on investment. Nonetheless, the adoption of cloud computing for data warehousing faces security challenges given the proprietary nature of the enclosed data. This paper first, presents an adaptive security solution for sensitive data in cloud-based data warehouses. Second, it illustrates how the security solution can be implemented as a service through a model-driven approach.

show abstract