Projekt CITY - Component-based Security
The increasing trend to establish new interconnections between existing networks of software systems exposes them to a growing number of potential threats. Due to flaws in the system design such threats may lead to various violations of protection objectives, such as information confidentiality, data integrity, and service availability.The flaws of a software system may be induced by:
In order to overcome such sources of system vulnerability, a systematic approach is required which, starting from the description of security targets at system level, allows after several steps to implement as automatically as possible appropriate protection mechanisms at component level. For the purpose of developing such a systematic procedure, several techniques are to be investigated providing support to the following tasks:
A preliminary investigation revealed the basic restrictions of former related research work, most of which was not focused on the issue of supporting requirement traceability throughout software development. A list of criteria was first defined in order to evaluate by comparison a number of formal specification languages with regard to their expressiveness with respect to different security requirement classes. Based on this analysis the suitability of the Object Constraint Language (OCL) to express protection objectives was examined. The investigation identified the need for suitable OCL extensions capable of taking systematically into account specific utilization constraints, including a. o. temporal aspects.