Go to main content

Security compliance in model-driven development of software systems in presence of long-term evolution and variants / Sven Matthias Peldszus.

Peldszus, Sven Matthias, author.
2022
QA76.9.A25
Available Online
Formats
Format
BibTeX
MARCXML
TextMARC
MARC
DublinCore
EndNote
NLM
RefWorks
RIS
Add to Basket
Cite
Citation

Linked e-resources

Linked Resource
Online Access
Concurrent users
Unlimited
Authorized users
Authorized users
Document Delivery Supplied
Can lend chapters, not whole ebooks

Details

Title
Security compliance in model-driven development of software systems in presence of long-term evolution and variants / Sven Matthias Peldszus.
Author
Peldszus, Sven Matthias, author.
ISBN
9783658376659 (electronic bk.)
3658376651 (electronic bk.)
9783658376642 (print)
3658376643
DOI
https://doi.org/10.1007/978-3-658-37665-9
Published
Wiesbaden, Germany : Springer Vieweg, 2022.
Language
English
Description
1 online resource (xxxvi, 476 pages) : illustrations (some color)
Item Number
10.1007/978-3-658-37665-9 doi
Call Number
QA76.9.A25
Dewey Decimal Classification
005.8
Summary
For ensuring a software system's security, it is vital to keep up with changing security precautions, attacks, and mitigations. Although model-based development enables addressing security already at design-time, design models are often inconsistent with the implementation or among themselves. An additional burden are variants of software systems. To ensure security in this context, we present an approach based on continuous automated change propagation, allowing security experts to specify security requirements on the most suitable system representation. We automatically check all system representations against these requirements and provide security-preserving refactorings for preserving security compliance. For both, we show the application to variant-rich software systems. To support legacy systems, we allow to reverse-engineer variability-aware UML models and semi-automatically map existing design models to the implementation. Besides evaluations of the individual contributions, we demonstrate the approach in two open-source case studies, the iTrust electronics health records system and the Eclipse Secure Storage. About the author Since 2016, Sven Matthias Peldszus has been working as a research associate at the University of Koblenz-Landau and joined the Ruhr University Bochum after defending this thesis. His research interests include continuous tracing of non-functional requirements over the entire software life cycle and software quality analysis in variant-rich software systems.
Bibliography, etc. Note
Includes bibliographical references.
Access Note
Access limited to authorized users.
Source of Description
Online resource; title from PDF title page (SpringerLink, viewed July 21, 2022).
Available in Other Form
Print version: 9783658376642
Linked Resources
Online Access
Record Appears in
Online Resources > Ebooks
All Resources
Introduction
Running Example: iTrust
State of the Art in Secure Software Systems Development
A Walkthrough of the Proposed Development Approach
Program Model for Object-oriented Languages
Model-Synchronization and Tracing
Application to Legacy Projects using Reverse-Engineering
Static Security Compliance Checks
Verification and Enforcement of Security at Run-time
Specification of Variability throughout Variant-rich Software Systems
Security in UML Product Lines
Security Compliance and Restructuring in Variant-rich Software Systems
The GRaViTY Framework
Case Studies
Related Work
Conclusion.

Browse Subjects

Show more subjects...

Statistics

from
to
Export