An aspect-oriented methodology for designing secure applications

Geri Georg, Indrakshi Ray, Kyriakos Anastasakis, Behzad Bordbar, Manachai Toahchoodee, S.H. Houmb

    Research output: Contribution to journalArticleAcademicpeer-review

    51 Citations (Scopus)

    Abstract

    We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to obtain the misuse model. The misuse model describes how much the application can be compromised. If the results are unacceptable, then some security mechanism must be incorporated into the application. The security mechanism, modeled as security aspect, is composed with the primary model to obtain the security-treated model. The security-treated model is analyzed to give assurance that it is resilient to the attack.
    Original languageUndefined
    Article number10.1016/j.infsof.2008.05.004
    Pages (from-to)846-864
    Number of pages20
    JournalInformation and software technology
    Volume50
    Issue number1
    DOIs
    Publication statusPublished - May 2009

    Keywords

    • EWI-13884
    • IS-SECURITY
    • METIS-252085
    • IR-62502

    Cite this