TY - GEN
T1 - Modeling security attacks with statecharts
AU - El Ariss, Omar
AU - Xu, Dianxiang
PY - 2011
Y1 - 2011
N2 - Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.
UR - http://www.scopus.com/inward/record.url?scp=79960496487&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79960496487&partnerID=8YFLogxK
U2 - 10.1145/2000259.2000281
DO - 10.1145/2000259.2000281
M3 - Conference contribution
AN - SCOPUS:79960496487
SN - 9781450307246
T3 - CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11
SP - 123
EP - 132
BT - CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11
T2 - 7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11
Y2 - 20 June 2011 through 24 June 2011
ER -