Title | ||
---|---|---|
Weaving Authentication and Authorization Requirements into the Functional Model of a System Using Z Promotion |
Abstract | ||
---|---|---|
The use of Z in software development has focused on specifying the functionality of a system. However, when developing secure system, it is important to address fundamental security aspects, such as authentication. authorization, and auditing. In this paper, we show all approach for building systems from generic and modular security components using promotion technique in Z. The approach focuses oil weaving security component into the functionality of a system using promotion technique in Z. For each component, Z notation is used to construct its state-based model and the relevant operations. Once a component is introduced, the defined local operations are promoted to work oil the global state. We illustrate this approach on the development of a, "secure" model for a conference management system. With this approach, it is possible to specify the core functionalities of a system independently from the security mechanisms. Authentication and authorization are viewed as components which are carefully integrated with the functional system. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/978-3-540-88479-8_59 | Communications in Computer and Information Science |
Keywords | Field | DocType |
Z specification,Security Requirements,Authentication,Authorization,Weaving Security into Functional Models,Z Promotion | Z notation,Weaving,Audit,Authentication,Computer security,Computer science,Authorization,Modular design,Computer security model,Software development | Conference |
Volume | ISSN | Citations |
17 | 1865-0929 | 1 |
PageRank | References | Authors |
0.47 | 13 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ali Nasrat Haidar | 1 | 71 | 6.03 |
Ali E. Abdallah | 2 | 123 | 22.10 |