Swinburne
Browse
- No file added yet -

Security characterisation and integrity assurance for component-based software

Download (573.02 kB)
conference contribution
posted on 2024-07-13, 00:07 authored by Jun HanJun Han, Yuliang Zheng
Software systems are increasingly being assembled from components that are developed by and purchased from third parties, for technical and economic gains. In such component-based software development, the functionality and quality-of-service attributes of the software components should be clearly and adequately specified (or packaged) through their interfaces, so that the characteristics of the systems assembled from the components can be analysed relative to the system requirements. In this paper, we consider one particular quality-of-service attribute, i.e. security, and outline an approach to (1) specifying the security characteristics of software components and (2) analysing the security properties of component-based systems in terms of their component characteristics and system architectures. The approach is partially based on the Common Criteria for Information Technology Security Evaluation (ISO/IEC International Standard 15408). In addition, we also introduce out work on ensuring the integrity of software components as part of the infrastructural support for component-based software engineering.

History

Available versions

PDF (Published version)

ISBN

9780769509037

Journal title

International Conference on Software Methods and Tools (SMT 2000), Wollongong, Australia, 06-09 November 2000 / Jonathan Gray and Peter Croll (eds.)

Conference name

International Conference on Software Methods and Tools SMT 2000, Wollongong, Australia, 06-09 November 2000 / Jonathan Gray and Peter Croll eds.

Issue

1

Pagination

5 pp

Publisher

IEEE

Copyright statement

Copyright © 2000 IEEE. The published version is reproduced in accordance with the copyright policy of the publisher. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Language

eng

Usage metrics

    Publications

    Categories

    No categories selected

    Keywords

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC