Monitors have been used in real-time systems to ensure proper behavior; however, most approaches do not allow for the addition of the fields required to identify and react to security vulnerabilities. Contracts can provide a useful mechanism for identifying and tracking vulnerabilities. To date, contracts have been proposed for reliability and formal verification, yet their use in security is limited. Static analysis methods are able to identify many known vulnerabilities; however, they suffer from a high rate of false positives. The creation of a mechanism that can verify identified vulnerabilities is therefore warranted. We propose a contract-based security assertion monitoring framework (CB SAMF) for reducing the number of exploitable security vulnerabilities. CB SAMF will span multiple software layers and be used in an enhanced systems development life cycle (SDLC) including service-oriented analysis and design (SOAD).
Alexander M. Hoole, Issa Traoré