Abstract
This paper presents parts of the SECREDS project, which aims to bridge the gap between system modeling and implementation using a high-level programming language. Within SECREDS, secure applications are developed top-down, starting with a top-level specification. Top-level specifications are given by our computational model, and application-specific security policies are specified using our security requirement logic. To implement a top-level specification, we developed a high-level programming language called INSEL+, offering language concepts well adapted to our underlying model. We present the main features of INSEL+, focusing on access control aspects, and outline some guidelines to support the systematic implementation of a given top-level specification while preserving the specified security properties.
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Eckert, C., Marek, D. (1997). Developing Secure Applications: A Systematic Approach. In: Yngström, L., Carlsen, J. (eds) Information Security in Research and Business. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35259-6_21
DOI: https://doi.org/10.1007/978-0-387-35259-6_21
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5481-0
Online ISBN: 978-0-387-35259-6
eBook Packages: Springer Book Archive