Research Commons
      • Browse 
        • Communities & Collections
        • Titles
        • Authors
        • By Issue Date
        • Subjects
        • Types
        • Series
      • Help 
        • About
        • Collection Policy
        • OA Mandate Guidelines
        • Guidelines FAQ
        • Contact Us
      • My Account 
        • Sign In
        • Register
      View Item 
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      JavaScript is disabled for your browser. Some features of this site may not work without it.

      Composing patterns to construct secure systems

      Rimba, Paul; Zhu, Liming; Bass, Len; Kuz, Ihor; Reeves, Steve
      Thumbnail
      Files
      EDCC 2015 paper.pdf
      Accepted version, 1.215Mb
      DOI
       10.1109/EDCC.2015.12
      Find in your library  
      Citation
      Export citation
      Rimba, P., Zhu, L., Bass, L., Kuz, I., & Reeves, S. (2015). Composing patterns to construct secure systems. In Proc 11th European Dependable Computing Conference (pp. 213–224). Paris, France: IEEE. http://doi.org/10.1109/EDCC.2015.12
      Permanent Research Commons link: https://hdl.handle.net/10289/9881
      Abstract
      Building secure applications requires significant expertise. Secure platforms and security patterns have been proposed to alleviate this problem. However, correctly applying patterns to use platform features is still highly expertise-dependent. Patterns are informal and there is a gap between them and platform features. We propose the concept of reusable verified design fragments, which package security patterns and platform features and are verified to provide assurance about their security properties. Design fragments can be composed through four primitive tactics. The verification of the composed design against desired security properties is presented in an assurance case. We demonstrate our approach by securing a Continuous Deployment pipeline and show that the tactics are sufficient to compose design fragments into a secure system. Finally, we formally define composition tactics, which are intended to support the development of systems that are secure by construction.
      Date
      2015
      Type
      Conference Contribution
      Publisher
      IEEE
      Rights
      This is an author’s accepted version of an article published in the 11th European Dependable Computing Conference. ©2015 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
      Collections
      • Computing and Mathematical Sciences Papers [1455]
      Show full item record  

      Usage

      Downloads, last 12 months
      65
       
       
       

      Usage Statistics

      For this itemFor all of Research Commons

      The University of Waikato - Te Whare Wānanga o WaikatoFeedback and RequestsCopyright and Legal Statement