Title
Contract-Based Security Monitors for Service Oriented Software Architecture
Abstract
Monitors have been used for real-time systems to ensure proper behavior; however, most approaches do not allow for the addition of relevant fields required to identify and react to security vulnerabilities. Contracts can provide a useful mechanism for identifying and tracking vulnerabilities. Currently, contracts have been proposed for reliability and formal verification; yet, their use in security is limited. Static analysis methods are able to identify many known vulnerabilities; however, they suffer from a high rate of false-positives. The creation of a mechanism that can verify identified vulnerabilities is therefore warranted. We propose a contract-based security assertion monitoring framework (CB SAMF) for reducing the number of security vulnerabilities that are exploitable. CB SAMF will span multiple software layers and be used in an enhanced systems development life cycle (SDLC) including service-oriented analysis and design (SOAD).
Year
2008
DOI
10.1109/APSCC.2008.169
Venue
APSCC
Keywords
useful mechanism, service-oriented analysis, security engineering, enhanced systems development life, service-oriented architecture, formal verification, high rate, contract-based security monitors, monitors, known vulnerability, static analysis method, contracts, cb samf, service oriented software architecture, security vulnerability, contract-based security assertion monitoring, false positive, service oriented architecture, software reliability, real time systems, security, static analysis, system development life cycle, software architecture, kernel
Field
Security through obscurity, Computer science, Security engineering, Computer security, Security service, Security bug, Systems development life cycle, Software architecture, Secure coding, Software quality
DocType
Conference
ISBN
978-0-7695-3473-2
Citations
1
PageRank
0.36
References
11
Authors
2
Name                Order  Citations  PageRank
Alexander M. Hoole  1      10         1.99
Issa Traore         2      306        32.31