A Modeling and Formal Approach for the Precise Specification of Security Patterns

Abstract : Non-functional requirements such as Security and Dependability (S &D) become more important as well as more difficult to achieve. In fact, the integration of security features requires the availability of both application domain specific knowledge and security expertise at the same time. Hence, capturing and providing this expertise by the way of security patterns can support the integration of S&D features by design to foster reuse during the process of software system development. The solution envisaged here is based on combining metamodeling techniques and formal methods to represent security pattern at two levels of abstraction fostering reuse during the process of pattern development and during the process of pattern-based development. The contribution of this work is twofold: (1) An improvement of our previous pattern modeling language for representing security pattern in the form of a subsystem providing appropriate interfaces and targeting security properties, (2) Formal specification and validation of pattern properties, using the interactive Isabelle/HOL proof assistant. The resulting validation artifacts may mainly complete the definitions, and provide semantics for the interfaces and the properties in the context of S&D. As a result, validated patterns will be used as bricks to build applications through a Model-Driven engineering approach.
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01141439
Contributor : Open Archive Toulouse Archive Ouverte (oatao) <>
Submitted on : Monday, April 13, 2015 - 8:56:56 AM
Last modification on : Thursday, October 17, 2019 - 8:55:03 AM
Long-term archiving on : Monday, September 14, 2015 - 7:21:08 AM

File

Hamid_12871.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01141439, version 1
  • OATAO : 12871

Citation

Brahim Hamid, Christian Percebois. A Modeling and Formal Approach for the Precise Specification of Security Patterns. International Symposium on Engineering Secure Software and Systems - ESSoS 2014, Feb 2014, Munich, Germany. pp. 95-112. ⟨hal-01141439⟩

Share

Metrics

Record views

143

Files downloads

247