
E-book: Aspect-Oriented Security Hardening of UML Design Models

  • Format: PDF+DRM
  • Publication date: 22-Apr-2015
  • Publisher: Springer International Publishing AG
  • Language: eng
  • ISBN-13: 9783319161068
  • Price: 55,56 €*
  • * the price is final, i.e. no other discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free application: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application designed specifically for reading e-books. It should not be confused with Adobe Reader, which is probably already installed on your computer)

    This e-book cannot be read on an Amazon Kindle.

This book comprehensively presents a novel approach to the systematic security hardening of software design models expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. To this end, a UML profile has been developed for the specification of security hardening aspects on UML diagrams. In addition, a weaving framework, with the underlying theoretical foundations, has been designed for the systematic injection of security aspects into UML models.

The work is organized as follows: Chapter 1 presents an introduction to software security, model-driven engineering, UML and aspect-oriented technologies. Chapters 2 and 3 provide an overview of the UML language and the main concepts of aspect-oriented modeling (AOM) respectively. Chapter 4 explores the area of model-driven architecture with a focus on model transformations. The main approaches that are adopted in the literature for security specification and hardening are presented in Chapter 5. After these more general presentations, Chapter 6 introduces the AOM profile for security aspects specification. Afterwards, Chapter 7 details the design and the implementation of the security weaving framework, including several real-life case studies to illustrate its applicability. Chapter 8 elaborates an operational semantics for the matching/weaving processes in activity diagrams, while Chapters 9 and 10 present a denotational semantics for aspect matching and weaving in executable models following a continuation-passing style. Finally, a summary and evaluation of the work presented are provided in Chapter 11.

The book will benefit researchers in academia and industry as well as students interested in learning about recent research advances in the field of software security engineering.

1 Introduction
1.1 Motivations
1.2 Software Security
1.3 Model-Driven Engineering
1.4 Unified Modeling Language
1.5 Aspect-Oriented Paradigm
1.6 Outline
2 Unified Modeling Language
2.1 Why Unified Modeling Language?
2.2 UML Structure
2.3 UML Views and Concepts
2.4 UML Diagrams
2.5 UML Extension Mechanisms
2.5.1 Stereotypes and Tagged Values
2.5.2 Constraints
2.6 Object-Constraint Language
2.7 Executable UML
2.7.1 Foundational UML
2.7.2 Action Language for Foundational UML
2.8 Conclusion
3 Aspect-Oriented Paradigm
3.1 AOP Models
3.1.1 Pointcut-Advice Model
3.1.2 Multi-Dimensional Separation of Concerns Model
3.1.3 Adaptive Programming Model
3.2 AOP and Security
3.3 Basic Constructs of the Pointcut-Advice Model
3.3.1 Aspects
3.3.2 Join Points
3.3.3 Pointcuts
3.3.4 Advices
3.3.5 Introductions
3.4 Aspect-Oriented Modeling
3.5 Conclusion
4 Model-Driven Architecture and Model Transformations
4.1 MDA Layers
4.1.1 Computation Independent Model (CIM)
4.1.2 Platform Independent Model (PIM)
4.1.3 Platform Specific Model (PSM)
4.1.4 Implementation Specific Model (ISM)
4.2 MDA Benefits
4.3 MDA Transformations
4.4 Applications of Model Transformations
4.5 Model Transformation Languages and Tools
4.5.1 Query/View/Transformation Language
4.5.2 Atlas Transformation Language
4.5.3 Open Architecture Ware
4.5.4 IBM Model Transformation Framework
4.5.5 Kermeta
4.6 Comparative Study of Model Transformation Languages
4.7 Conclusion
5 Model-Based Security
5.1 Security Specification for UML Design
5.1.1 Security Specification Using UML Artifacts
5.1.2 Security Specification by Extending UML Meta-language
5.1.3 Security Specification by Creating New Meta-languages
5.2 Usability Discussion
5.2.1 Usability Criteria
5.2.2 Security Specification Using UML Artifacts
5.2.3 Extending UML Meta-language
5.2.4 Creating a New Meta-language
5.3 Model-Based Security Hardening Mechanisms
5.3.1 Security Design Patterns
5.3.2 Mechanism-Directed Meta-languages
5.3.3 Aspect-Oriented Modeling
5.3.4 Challenges
5.4 Related Work on Model-Based Security
5.4.1 Security Design Patterns
5.4.2 Mechanism-Directed Meta-languages
5.4.3 Aspect-Oriented Modeling
5.4.4 Comparative Study
5.5 Conclusion
6 Security Aspect Specification
6.1 Proposed AOM Approach for Security Hardening
6.2 A UML Profile for Aspect-Oriented Modeling
6.2.1 Aspect Adaptations
6.2.2 Aspect Adaptation Rules
6.2.3 Pointcuts
6.3 Related Work on AOM
6.4 Conclusion
7 Security Aspect Weaving
7.1 Approach Overview
7.2 Security Aspect Specialization
7.3 Join Point Matching
7.4 Security Aspect Weaving
7.4.1 Weaver Architecture
7.4.2 Transformation Definitions
7.4.3 Transformation Rules
7.5 Tool Support
7.5.1 AOM Profile
7.5.2 Weaving Framework
7.6 Case Studies
7.6.1 Service Provider Application
7.6.2 SIP-Communicator
7.6.3 Replacing Deprecated Functions in OpenSAF
7.7 Related Work on Model Weaving
7.8 Conclusion
8 Static Matching and Weaving Semantics in Activity Diagrams
8.1 Syntax
8.1.1 Activity Diagrams Syntax
8.1.2 Aspect Syntax
8.2 Matching and Weaving Semantics
8.2.1 Matching Semantics
8.2.2 Weaving Semantics
8.3 Completeness and Correctness of the Weaving
8.3.1 Algorithms
8.3.2 Completeness and Correctness
8.4 Conclusion
9 Dynamic Matching and Weaving Semantics in λ-Calculus
9.1 Background
9.1.1 λ-Calculus
9.1.2 Denotational Semantics
9.1.3 Continuation-Passing Style
9.1.4 Defunctionalization
9.2 Syntax and Denotational Semantics
9.3 Continuation-Passing Style Semantics
9.3.1 Representation of Continuations as Functions
9.3.2 Representation of Continuations as Frames
9.4 Aspect Syntax and Semantics
9.4.1 Aspect Syntax
9.4.2 Matching Semantics
9.4.3 Weaving Semantics
9.5 Semantics of Flow-Based Pointcuts
9.5.1 Control Flow Pointcut
9.5.2 Dataflow Pointcut
9.5.3 Example
9.6 Related Work on AOP Semantics
9.7 Conclusion
10 Dynamic Matching and Weaving Semantics in Executable UML
10.1 Example
10.2 Syntax
10.3 Denotational Semantics
10.3.1 Denotational Semantics of Activity Diagrams
10.3.2 Denotational Semantics of Alf Language
10.4 Continuation-Passing Style Semantics
10.4.1 Representation of Continuations as Functions
10.4.2 Representation of Continuations as Frames
10.5 Aspect Syntax and Semantics
10.5.1 Aspect Syntax
10.5.2 Matching Semantics
10.5.3 Weaving Semantics
10.6 Semantics of the Dataflow Pointcut
10.7 Related Work on Aspect Semantics in xUML
10.8 Conclusion
11 Conclusion
References
Index

The authors of this book conducted several research initiatives in the area of computer security, privacy and cyber forensics. The content reported is the result of a 4-year research project on the aspect-oriented security hardening of UML design models and is based on a fruitful collaboration between Concordia University and Ericsson under a research partnership program of the Canadian Natural Sciences and Engineering Research Council (NSERC).