Academic
Publications
Contract-Based Security Monitors for Service Oriented Software Architecture

Contract-Based Security Monitors for Service Oriented Software Architecture,10.1109/APSCC.2008.169,Alexander M. Hoole,Issa Traoré

Contract-Based Security Monitors for Service Oriented Software Architecture  
BibTex | RIS | RefWorks Download
Monitors have been used for real-time systems to ensure proper behavior; however, most approaches do not allow for the addition of relevant fields required to identify and react to security vulnerabilities. Contracts can provide a useful mechanism for identifying and tracking vulnerabil- ities. Currently, contracts have been proposed for relia- bility and formal verification; yet, their use in security is limited. Static analysis methods are able to identify many known vulnerabilities; however, they suffer from a high rate of false-positives. The creation of a mechanism that can ver- ify identified vulnerabilities is therefore warranted. We pro- pose a contract-based security assertion monitoring frame- work (CB SAMF) for reducing the number of security vul- nerabilities that are exploitable. CB SAMF will span mul- tiple software layers and be used in an enhanced systems development life cycle (SDLC) including service-oriented analysis and design (SOAD).
Conference: Asia-Pacific Services Computing Conference - APSCC , pp. 1239-1245, 2008
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.