Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Java-MaC: A Run-Time Assurance Approach for Java Programs
Formal Methods in System Design
An Overview of the Runtime Verification Tool Java PathExplorer
Formal Methods in System Design
On the secure implementation of security protocols
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Policy Analysis for Administrative Role Based Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Tools for model-based security engineering: models vs. code
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Automated analysis of permission-based security using UMLsec
FASE'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Fundamental approaches to software engineering
Secure Systems Development with UML
Secure Systems Development with UML
| Hi-index | 0.00 |
In this paper we deal with the application of run-time checking to enforce requirements which, because of their nature, cannot be enforced statically. More specifically, it deals with the problem how to control access to objects within an object-oriented system at run-time in a way that enforces an overall security policy. It aims to improve on the ad-hoc (and often untrustworthy) way it is currently done in practice by automatically generating the run-time checks from a model-based specification of the system that captures the security policy. Concretely, the models are expressed in the UML security extension UMLsec, and the run-time checks that are generated for Java programs rely on GuardedObjects.