Advertisement

Reusable Secure Connectors for Secure Software Architecture

  • Michael ShinEmail author
  • Hassan Gomaa
  • Don Pathirage
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9679)

Abstract

This paper describes the design of reusable secure connectors that are used in the design of secure software architectures for distributed software applications. The secure connectors are designed separately from application components by reusing the appropriate communication pattern between components as well as the security services required by these components. Each secure connector is designed as a composite component that encapsulates both security service components and communication pattern components. Integration of security services and communication patterns within a secure connector is provided by a security coordinator. The main advantage is that secure connectors can be reused in different applications. In this paper, secure connectors are reused in electronic commerce and automated teller machine applications.

Keywords

Reusable secure connector Secure software architecture Component-based software architecture Secure software design Message communication patterns Dynamic modeling 

Notes

Acknowledgement

Gomaa’s research is supported by the Air Force Office of Scientific Research under grant number FA9550-16-1-0030.

References

  1. 1.
    Al-Azzani, S., Bahsoon, R.: SecArch: Architecture-level evaluation and testing for security. In: Joint Working IEEE/IFIP Conference on Software Architecture (WICSA) and European Conference on Software Architecture (ECSA), August 2012Google Scholar
  2. 2.
    Baker, C., Shin M.: Aspect-oriented secure connectors for implementation of secure software architecture. In: International Conference on Software Engineering and Knowledge Engineering (SEKE 2014), Vancouver, 1–3 July 2014Google Scholar
  3. 3.
    Banerjee, S., Mattmann, C.A., Medvidovic, N., Golubchik, L.: Leveraging architectural models to inject trust into software systems. In: Proceedings of the ICSE 2005 Workshop on Software Engineering for Secure Systems, St. Louis, Missouri, May 2005Google Scholar
  4. 4.
    Basin, D., Clavel, M., Egea, M.: A decade of model-driven security. In: 16th ACM Symposium on Access Control Models and Technologies (SACMAT 2011), Innsbruck, 15–17 June 2011Google Scholar
  5. 5.
    Deng, Y., Wang, J., Tsai, J.J.P., Beznosov, K.: An approach for modeling and analysis of security system architectures. IEEE Trans. Knowl. Data Eng. 15(5), 1099–1119 (2003)CrossRefGoogle Scholar
  6. 6.
    Fernandez, E.B.: Security Patterns in Practice. Wiley, New York (2013)Google Scholar
  7. 7.
    Gomaa, H.: Software Modeling and Design: UML, Use Cases, Patterns, and Software Architectures. Cambridge University Press, Cambridge (2011)CrossRefGoogle Scholar
  8. 8.
    Gomaa, H., Shin, M.E.: Modeling complex systems by separating application and security concerns. In: 9th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS 2004), Italy, April 2004Google Scholar
  9. 9.
    Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002)Google Scholar
  10. 10.
    Ren, J., Taylor, R., Dourish, P., Redmiles, D.: Towards an architectural treatment of software security: A connector-centric approach. In: Proceedings of the Workshop on Software Engineering for Secure Systems, St. Louis, Missouri, 15–16 May 2005Google Scholar
  11. 11.
    Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns. Wiley, New York (2006)Google Scholar
  12. 12.
    Shin, M.E., Gomaa, H.: Software modeling of evolution to a secure application: From requirements model to software architecture. Sci. Comput. Program. 66(1), 60–70 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Shin, M.E., Malhotra, B., Gomaa, H., Kang, T.: Connectors for secure software architectures. In: 24th International Conference on Software Engineering and Knowledge Engineering (SEKE 2012), San Francisco, 1–3 July 2012Google Scholar
  14. 14.
    Taylor, R.N., Medvidovic, N., Dashofy, E.M.: Software Architecture: Foundations, Theory, and Practice. Wiley, Chichester (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Department of Computer ScienceTexas Tech UniversityLubbockUSA
  2. 2.Department of Computer ScienceGeorge Mason UniversityFairfaxUSA

Personalised recommendations