Paper Info
Title
Weaving Authentication and Authorization Requirements into the Functional Model of a System Using Z Promotion
Abstract
The use of Z in software development has focused on specifying the functionality of a system. However, when developing secure system, it is important to address fundamental security aspects, such as authentication. authorization, and auditing. In this paper, we show all approach for building systems from generic and modular security components using promotion technique in Z. The approach focuses oil weaving security component into the functionality of a system using promotion technique in Z. For each component, Z notation is used to construct its state-based model and the relevant operations. Once a component is introduced, the defined local operations are promoted to work oil the global state. We illustrate this approach on the development of a, "secure" model for a conference management system. With this approach, it is possible to specify the core functionalities of a system independently from the security mechanisms. Authentication and authorization are viewed as components which are carefully integrated with the functional system.
Year
DOI
Venue
2008
10.1007/978-3-540-88479-8_59
Communications in Computer and Information Science
Keywords
Field
DocType
Z specification,Security Requirements,Authentication,Authorization,Weaving Security into Functional Models,Z Promotion
Z notation,Weaving,Audit,Authentication,Computer security,Computer science,Authorization,Modular design,Computer security model,Software development
Conference
Volume
ISSN
Citations 
17
1865-0929
1
PageRank 
References 
Authors
0.47
13
2
Name
Order
Citations
PageRank
Ali Nasrat Haidar1716.03
Ali E. Abdallah212322.10