Published in: International Journal on Software Tools for Technology Transfer 3/2015

01.06.2015 | ESE

Restoring security of evolving software models using graph transformation

Authors: Jens Bürger, Jan Jürjens, Sven Wenzel


Abstract

Security certification of complex systems requires a great deal of effort. A particular challenge is that today’s systems are increasingly long-living and subject to continuous change. After each change to some part of the system, the whole system needs to be re-certified from scratch (since security properties are in general not modular), which is usually far too much effort. When software models are changed, this can introduce security weaknesses that are then also present in the software system derived from those models. Hence, it is important to check the models against their security properties and correct them accordingly. To address this challenge, we present an approach which not only finds security weaknesses but can also correct them in a tool-supported way. Over time, a variety of changing requirements, both security-related and not, leads to an evolving system that met its security requirements at design time but may contain vulnerabilities with respect to security knowledge updated since then. Supported by patterns, we can describe and detect potential flaws that may arise in models, such as inconsistencies in security requirements. Both the potential violations and the correction alternatives that fix them can be formalized as patterns. The approach is based on graph transformation and can be applied to different types of models and violations. For flaw detection, these patterns are used as the left-hand sides of graph transformation rules. Using graph transformation, we can further correct the models and establish that they no longer violate the security requirements under investigation. The approach is supported by a tool which can check whether these patterns arise in models and assist the user in correcting the security vulnerabilities.
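As an added illustration of the detect-and-correct idea sketched in the abstract (example code, not the authors' tool or a UMLsec implementation): a model is held as a typed graph, the flaw pattern is the left-hand side of a rule that is matched injectively into it, and a correction rule rewrites each match until the pattern no longer occurs. The model, the pattern and the secrecy/encrypted vocabulary are constructed assumptions for this example.

```python
from itertools import permutations

def build_model():
    """Constructed host model: typed nodes with attributes, labelled edges.
    Two components exchange secret data over a plain LAN link (the flaw)
    and two others over an encrypted VPN link (no flaw)."""
    return {
        "nodes": {
            "web":  {"type": "Component"},
            "db":   {"type": "Component"},
            "bill": {"type": "Component"},
            "lan":  {"type": "Link", "encrypted": False},
            "vpn":  {"type": "Link", "encrypted": True},
        },
        # (source, target, label)
        "edges": {
            ("web", "lan", "on"), ("db", "lan", "on"),
            ("web", "vpn", "on"), ("bill", "vpn", "on"),
            ("web", "db", "secrecy"),    # secret data, but only the plain LAN is shared
            ("web", "bill", "secrecy"),  # secret data over the VPN: requirement met
            ("db", "web", "integrity"),
        },
    }

# LHS of the detection rule: typed pattern nodes, pattern edges, and an
# attribute condition that turns a structural match into a violation.
SECRECY_WITHOUT_ENCRYPTION = {
    "nodes": {"s": "Component", "r": "Component", "l": "Link"},
    "edges": {("s", "r", "secrecy"), ("s", "l", "on"), ("r", "l", "on")},
    "condition": lambda m, g: g["nodes"][m["l"]]["encrypted"] is False,
}

def find_matches(pattern, graph):
    """All injective, type-respecting matches of the pattern into the host
    graph whose condition holds. Brute force is adequate at model size."""
    pnodes = list(pattern["nodes"])
    matches = []
    for hosts in permutations(graph["nodes"], len(pnodes)):
        m = dict(zip(pnodes, hosts))
        if any(graph["nodes"][m[p]]["type"] != t for p, t in pattern["nodes"].items()):
            continue
        if not all((m[a], m[b], lab) in graph["edges"] for a, b, lab in pattern["edges"]):
            continue
        if pattern["condition"](m, graph):
            matches.append(m)
    return matches

def encrypt_link(match, graph):
    """One correction alternative (RHS): keep the structure, flip the
    attribute so the shared link satisfies the secrecy requirement."""
    graph["nodes"][match["l"]]["encrypted"] = True
    return match["l"]

def restore(graph, pattern, correction):
    """Apply the correction rule to one match at a time until the flaw
    pattern no longer matches anywhere; return the corrected elements."""
    fixed = []
    while True:
        matches = find_matches(pattern, graph)
        if not matches:
            return fixed
        fixed.append(correction(matches[0], graph))

if __name__ == "__main__":
    model = build_model()
    print("violations:", [m["l"] for m in find_matches(SECRECY_WITHOUT_ENCRYPTION, model)])
    print("corrected:", restore(model, SECRECY_WITHOUT_ENCRYPTION, encrypt_link))
```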


Metadata
Title
Restoring security of evolving software models using graph transformation
Authors
Jens Bürger
Jan Jürjens
Sven Wenzel
Publication date
01.06.2015
Publisher
Springer Berlin Heidelberg
Published in
International Journal on Software Tools for Technology Transfer / Issue 3/2015
Print ISSN: 1433-2779
Electronic ISSN: 1433-2787
DOI
https://doi.org/10.1007/s10009-014-0364-8
