Buscar

 

RI UFLA (Universidade Federal de Lavras) >
Revistas UFLA >
Infocomp >

Please use this identifier to cite or link to this item: http://repositorio.ufla.br/jspui/handle/1/9944

Title: Formalization of web security patterns
???metadata.dc.creator???: Dwivedi, Ashish Kumar
Rath, Santanu Kumar
Keywords: Alloy
Formal modeling
Online banking system
Security patterns
Liga
Modelagem formal
Sistema bancário on-line
Padrões de segurança
Publisher: Editora da UFLA
???metadata.dc.date???: 1-Jun-2015
Citation: DWIVEDI, A. K.; RATH, S. K. Formalization of web security patterns. INFOCOMP: Journal of Computer Science, Lavras, v. 14, n. 1, p. 14-25, June 2015.
Abstract: Security issues in software industries become more and more challenging due to malicious attacks and as a result, it leads to exploration of various security holes in software system. In order to secure the information assets associated with any software system, organizations plan to design the system based on a number of security patterns, useful to build and test new security mechanisms. These patterns are nothing but certain design guidelines. But they have certain limitations in terms of consistency and usability. Hence, these security patterns may sometimes act as insecure. In this study, an attempt has been made to compose security patterns for the web-based application. Subsequently, a formal modeling approach for the composition of security patterns is presented. In order to maximize comprehensibility, Unified Modeling Language (UML) notations are used to represent structural and behavioral aspects of a web-based system. A formal modeling language i.e., Alloy has been taken into consideration for analyzing web-based security pattens. For the demonstration of this approach, a case study i.e., an online banking system is considered. A qualitative evaluation is performed for the identified security patterns against the critical security properties. In this study a model-driven framework is presented, which helps to automate the process of analyzing web security patterns.
Other Identifiers: http://www.dcc.ufla.br/infocomp/index.php/INFOCOMP/article/view/493
???metadata.dc.language???: eng
Appears in Collections:Infocomp

Files in This Item:

There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.


View Statistics

 


DSpace Software Copyright © 2002-2010  Duraspace - Feedback