Formal specification and analysis of JAAS framework

Authors:
Shin Nakajima;Tetsuo Tamai
Affiliations:
National Institute of Informatics;The University of Tokyo
Venue:
Proceedings of the 2006 international workshop on Software engineering for secure systems
Year:
2006

Citing 16
Cited 1

Contracts: specifying behavioral compositions in object-oriented systems

OOPSLA/ECOOP '90 Proceedings of the European conference on object-oriented programming on Object-oriented programming systems, languages, and applications
An object-oriented modeling method for algebraic specifications in CafeOBJ

ICSE '97 Proceedings of the 19th international conference on Software engineering
The Model Checker SPIN

IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
Extensible security architectures for Java

Proceedings of the sixteenth ACM symposium on Operating systems principles
Java security

Java security
Objects, components, and frameworks with UML: the catalysis approach

Objects, components, and frameworks with UML: the catalysis approach
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Behavioural analysis of the enterprise JavaBeans component architecture

SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
A micromodularity mechanism

Proceedings of the 8th European software engineering conference held jointly with 9th ACM SIGSOFT international symposium on Foundations of software engineering
A lightweight approach to specification and analysis of role-based access control extensions

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
The Uml Profile for Framework Architectures

The Uml Profile for Framework Architectures
Lightweight Analysis of Object Interactions

TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
User Authentication and Authorization in the Java(tm) Platform

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Behavioural Analysis of Component Framework with Multi-Valued Transition System

APSEC '02 Proceedings of the Ninth Asia-Pacific Software Engineering Conference
An Operational Semantics of Java 2 Access Control

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Going beyond the sandbox: an overview of the new security architecture in the javaTM development Kit 1.2

USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems

Introduction to software engineering for secure systems: SESS06 -- secure by design

Proceedings of the 2006 international workshop on Software engineering for secure systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper reports on our experience of using Alloy for analysis of system design in regard to changes in the security requirements. It presents some of technical details for the specification and analysis of the JAAS framework. The declarative way of writing specification, together with its analysis mechanism, Alloy is shown useful from a wide variety of viewpoints.