Correct Architecture Refinement
IEEE Transactions on Software Engineering - Special issue on software architecture
A General Theory of Composition for a Class of "Possibilistic" Properties
IEEE Transactions on Software Engineering
Style-based refinement for software architecture
ISAW '96 Joint proceedings of the second international software architecture workshop (ISAW-2) and international workshop on multiple perspectives in software development (Viewpoints '96) on SIGSOFT '96 workshops
A Classification and Comparison Framework for Software Architecture Description Languages
IEEE Transactions on Software Engineering
A framework for building non-functional software architectures
Proceedings of the 2001 ACM symposium on Applied computing
SEKE '02 Proceedings of the 14th international conference on Software engineering and knowledge engineering
Incorporating Non-functional Requirements into Software Architectures
IPDPS '00 Proceedings of the 15 IPDPS 2000 Workshops on Parallel and Distributed Processing
An approach to building quality into software architecture
CASCON '95 Proceedings of the 1995 conference of the Centre for Advanced Studies on Collaborative research
Enabling Iterative Software Architecture Derivation Using Early Non-Functional Property Evaluation
Proceedings of the 17th IEEE international conference on Automated software engineering
Putting non-functional requirements into software architecture
IWSSD '98 Proceedings of the 9th international workshop on Software specification and design
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
On the composition of security properties
On the composition of security properties
An Approach for Modeling and Analysis of Security System Architectures
IEEE Transactions on Knowledge and Data Engineering
Non-Functional Refinement of Computer Based Systems Architecture
ECBS '04 Proceedings of the 11th IEEE International Conference and Workshop on Engineering of Computer-Based Systems
End-to-End Availability Policies and Noninterference
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Leveraging architectural models to inject trust into software systems
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Architecture-based refinements for secure computer systems design
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Research on software design level security vulnerabilities
ACM SIGSOFT Software Engineering Notes
A Knowledge Based Formal Language for Securing Information Systems
KES '09 Proceedings of the 13th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems: Part I
A modal logic for information system security
AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116
| Hi-index | 0.00 |
The successful design and implementation of secure systems must include security concerns from the beginning. A component that processes data at multiple security levels is critical and must go through additional evaluation to ensure the processing is secure. It is common practice to isolate and separate the processing of data at different levels into different components. In this paper we present policy-based architectural refinement techniques for the design of multi-level secure (MLS) systems. In addition, a policy refinement language is proposed to specify the rules of refinement patterns, and the hierarchy of the refinement patterns is presented. We discuss which security policies must be satisfied through the refinement process, including when separation works and when it does not. The process oriented approach will lead to verified engineering techniques for the design of MLS systems, which should greatly reduce the cost of certification of those systems.