Composing Security-Aware Software

Authors:
Khaled M. Khan;Jun Han
Affiliations:
-;-
Venue:
IEEE Software
Year:
2002

Citing 6
Cited 11

Component primer

Communications of the ACM
Trust online

Communications of the ACM
Certifying Software for High-Assurance Environments

IEEE Software
Third-Party Testing and the Quality of Software Components

IEEE Software
What Do You Mean by COTS? Finally, a Useful Answer

IEEE Software
A Framework for an Active Interface to Characterise Compositional Security Contracts of Software Components

ASWEC '01 Proceedings of the 13th Australian Conference on Software Engineering

A component based methodology for web application development

Journal of Systems and Software
Deployed software component testing using dynamic validation agents

Journal of Systems and Software - Special issue: Automated component-based software engineering
Achieving seamless component composition through scenario-based deep adaptation and generation

Science of Computer Programming - Special issue on new software composition concepts
Towards a unifying view on security contracts

SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Rich component generation for web applications using custom tags

CEA'07 Proceedings of the 2007 annual Conference on International Conference on Computer Engineering and Applications
Certification process of software components

ACM SIGSOFT Software Engineering Notes
Uniform tag-based rich component generation for web application development

WSEAS Transactions on Information Science and Applications
Application of safety analyses in model driven development

SEUS'07 Proceedings of the 5th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Component security: issues and an approach

COMPSAC-W'05 Proceedings of the 29th annual international conference on Computer software and applications conference
Component qos contract negotiation in multiple containers

ODBASE'06/OTM'06 Proceedings of the 2006 Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, DOA, GADA, and ODBASE - Volume Part II
Security model oriented attestation on dynamically reconfigurable component-based systems

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article addresses a key issue in security: how to inspire trust by disclosing security properties of software components to others in a component-based software development environment. The authors introduce a component security characterization framework in this endeavor that characterizes security properties by exposing software security profiles to others. The active interface lets software engineers know up front the impact of security properties of a composition's candidate components.