[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

A Framework for Security Assurance in Component Based Development

  • Conference paper
Computational Science and Its Applications – ICCSA 2005 (ICCSA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3481))

Included in the following conference series:

  • 1722 Accesses

Abstract

This paper will investigate the fundamental issues related to building and composing secure components. While all participants will closely cooperate, each will have primary responsibility in one area. The approach outlined in this paper develops a certification process for testing software components for security proper- ties. The anticipated results from this paper are a process, set of core white-box and black-box testing technologies to certify the security of software components and a framework for constructing compositional Component Security Assurance (CSA) based on the security property exposed by the atomic components. The manifestation of the product is a stamp of approval in the form of a digital signature.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Stephenson, J.: Web Services Architectures for Security. CBDi Journal (February 2003), http://www.cbdiforum.com/

  2. Aoyama, M.: New Age of Software Development: New Component-Based Soft ware Engineering Changes the Way of Software Development. In: 1998 International Workshop on CBSE, ICSE, pp. 124–128 (1998)

    Google Scholar 

  3. CBSE 1998, Proceedings of International Workshop on Component-Based software Engineering, Kyoto Japan (April 1998), http://www.sei.cmu.edu/cbs/ics98/

  4. Herzum, P., Sims, O.: Business Component Factory: A Comprehensive Overview of CBD for the Enterprise, December 1999. OMG press (1999)

    Google Scholar 

  5. Szyperski, C.: Component Software: Beyond Object-Oriented Programming. Addison- Wesley, London (1998), http://www.sei.cmu.edu/cbs/icse98/papers/p14.htm

    Google Scholar 

  6. D’Souza, D.F., Wills, A.C.: Objects, Components, and Frameworks With UML: The Catalysis Approach. Addison-Wesley Object, Reading (1998)

    Google Scholar 

  7. Information Technology-Software Life cycle Process (ISO/IEC 12207), (1998), http://standards.ieee.org/reading/ieee/std/

  8. Vetterling, M., Wimmel, G., Wisspeintner, A.: Requirements analysis: Secure systems development based on the common criteria: the PalME project. In: Proceedings of the tenth ACM SIGSOFT symposium on Foundations of software engineering, November 2002, pp. 129–138 (2002)

    Google Scholar 

  9. Seacord, R.C.: Software Engineering Component Repository. In: Proceedings of 1999 International Workshop on CBSE, Los Angeles (1999), http://www.sei.cmu.edu/cbs/icse99/cbsewkshp.htm

  10. Luqi, J.G.: Toward Automated Retrieval for a Software Component Repository. In: IEEE Conference and Workshop on Engineering of Computer-Based Systems (March 1999)

    Google Scholar 

  11. Kim, H.-K., Cha, J.-E., Kim, J.-Y., Park, E.-J.: Identification of Design Patterns and Components for Network Management System_. In: SNPD 2000 International Conference, May 2000, vol. 1(1), pp. 426–431 (2000)

    Google Scholar 

  12. D’Souza, D., Wills, A.: Objects, Components and Frameworks with UML:The Catalysis Approach. Addison-Wesley, Reading (1998)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jeong, GB., Kim, GB. (2005). A Framework for Security Assurance in Component Based Development. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3481. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424826_5

Download citation

  • DOI: https://doi.org/10.1007/11424826_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25861-2

  • Online ISBN: 978-3-540-32044-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics