Efficiently Managing Security Concerns in Component Based System Design

Author

Ammar Masood
Sahra Sedigh, Missouri University of Science and TechnologyFollow
Arif Ghafoor

Abstract

Component-based software development (CBSD) offers many advantages like reduced product time to market, reduced complexity and cost etc. Despite these advantages its wide scale utilization in developing security critical systems is currently hampered because of lack, of suitable design techniques to efficiently manage the complete system security concerns in the development process. The use of commercial of the shelf (COTS) components can introduce various security and reliability risks in the system. In this paper we propose a methodology for efficient management of all the system security concerns involved in the design of component based systems. Our methodology is based on formally representing the system security specifications and component capabilities. We identify the metrics for correlating both and suggest extensions to a previously proposed software development process, for selection of suitable components and integration mechanisms. The proposed solution ensures due treatment of all the security concerns for the complete system in the acquisition efforts.

Recommended Citation

A. Masood et al., "Efficiently Managing Security Concerns in Component Based System Design," Proceedings of the 29th Annual IEEE Computer Software and Applications Conference (2005, Edinburgh, Scotland), vol. 1, pp. 164 - 169, Institute of Electrical and Electronics Engineers (IEEE), Jul 2005.

The definitive version is available at https://doi.org/10.1109/COMPSAC.2005.71

Meeting Name

29th Annual International Computer Software and Applications Conference (2005: Jul. 26-28, Edinburgh, Scotland)

Department(s)

Electrical and Computer Engineering

Second Department

Computer Science

Keywords and Phrases

Component Based System Design; Component-Based Software Development (CBSD); Formal Representation; Formal Specification; Object-Oriented Programming; Security Critical Systems; Security Management; Security of Data; Software Metrics; Software Reliability; System Reliability; System Security Specification; Reliability Risks; Computational Complexity; Computer Software; Reliability Theory; Systems Analysis

International Standard Book Number (ISBN)

769524133

International Standard Serial Number (ISSN)

0730-3157

Document Type

Article - Conference proceedings

Document Version

Final Version

File Type

text

Language(s)

English

Rights

© 2005 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 Jul 2005