ASIA unversity:Item 310904400/4772
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 94286/110023 (86%)
造訪人次 : 21656252      線上人數 : 191
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋


    請使用永久網址來引用或連結此文件: http://asiair.asia.edu.tw/ir/handle/310904400/4772


    題名: An Approach for Modeling and Analysis of Security System Architecture
    作者: Jeffrey J. P. Tsai;Y. Deng
    關鍵詞: Software security, security system architecture, access control, authorization service, formal architectural modeling, constraint patterns, formal verification, Petri nets, temporal logic.
    日期: 2003
    上傳時間: 2009-12-02 01:04:08 (UTC+0)
    出版者: Asia University
    摘要: Security system architecture governs the composition of components in security systems and interactions between them. It
    plays a central role in the design of software security systems that ensure secure access to distributed resources in networked
    environment. In particular, the composition of the systems must consistently assure security policies that it is supposed to enforce.
    However, there is currently no rigorous and systematic way to predict and assure such critical properties in security system design. In
    this paper, a systematic approach is introduced to address the problem. We present a methodology for modeling security system
    architecture and for verifying whether required security constraints are assured by the composition of the components. We introduce
    the concept of security constraint patterns, which formally specify the generic form of security policies that all implementations of the
    system architecture must enforce. The analysis of the architecture is driven by the propagation of the global security constraints onto
    the components in an incremental process. We show that our methodology is both flexible and scalable. It is argued that such a
    methodology not only ensures the integrity of critical early design decisions, but also provides a framework to guide correct
    implementations of the design. We demonstrate the methodology through a case study in which we model and analyze the architecture
    of the Resource Access Decision (RAD) Facility, an OMG standard for application-level authorization service.
    關聯: IEEE Transactions on Knowledge and Data Engineering 15(5):1099-1119
    顯示於類別:[生物資訊與醫學工程學系 ] 期刊論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    0KbUnknown623檢視/開啟
    310904400-4772.doc36KbMicrosoft Word425檢視/開啟


    在ASIAIR中所有的資料項目都受到原著作權保護.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋