An aspect-oriented methodology for designing secure applications

G Georg, I Ray, K Anastasakis, Behzad Bordbar, M Toahchoodee, SH Houmb

Research output: Contribution to journalArticle

51 Citations (Scopus)

Abstract

We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to obtain the misuse model. The misuse model describes how much the application can be compromised. If the results are unacceptable, then some security mechanism must be incorporated into the application. The security mechanism, modeled as security aspect, is composed with the primary model to obtain the security-treated model. The security-treated model is analyzed to give assurance that it is resilient to the attack. (C) 2008 Elsevier B.V. All rights reserved.
Original languageEnglish
Pages (from-to)846-864
Number of pages19
JournalInformation and Software Technology
Volume51
Issue number5
DOIs
Publication statusPublished - 1 May 2009

Keywords

  • Secure systems design
  • Security analysis
  • Aspect-oriented modeling
  • Alloy
  • UML
  • Authentication

Fingerprint

Dive into the research topics of 'An aspect-oriented methodology for designing secure applications'. Together they form a unique fingerprint.

Cite this