A Systematic Review of Model-Driven Security
APSEC 2013, Bangkok, Thailand December 05th, 2013
Phu H. Nguyen, Jacques Klein,
and Yves Le Traon
Interdisciplinary Centre for Security,
Reliability and Trust (SnT),
University of Luxembourg,
Luxembourg
Max E. Kramer
Software Design and Quality Group,
Karlsruhe Institute of Technology (KIT),
Germany
ICTSS 2010 A Systematic Review of MDS Phu H. Nguyen et al. 2
Outline
1. MDS
2. SLR
3. Results
Many security weaknesses have already made newspaper headlines.
1. (Software) systems are getting more complex, especially when security concerns are included.
http://seanblanchfield.com
dbstrat.com
2. Security threats evolve fast, but are not taken into account early in the development process!
securesoftware.blogspot.com
3. Economic pressure reduces the development time and increases the frequency of demanded modifications…
http://blogs.vmware.com
Article (Fernandez-Medina2009): Fernández-Medina, E.; Jurjens, J.; Trujillo, J. & Jajodia, S. Model-Driven Development for secure information systems. Information and Software Technology, 2009, 51, 809-814.
Model-Driven Security with SecureUML Model Driven Security, Technical Report 414, ETH Zurich, 2004
1. Security concerns are dealt with from the very beginning, and throughout the MDS development lifecycle.
SecureUML
2. Model-Based Security Verification & Validation could check for security properties in advance!
3. MDS is productive and less error-prone because it leverages (automated) model transformations.
www.sparxsystems.com
Why a Systematic Review of MDS?
www.replicatedtypo.com
Research Question (RQ) 1: How are the existing MDS approaches supporting the development of secure systems?
Sub-Research Questions
RQ1.1 What kinds of security mechanisms/concerns are addressed by these MDS approaches?
RQ1.2 How do the MDS approaches specify/model security requirements together with functional requirements?
RQ1.3 How are model-to-model transformations (MMTs) leveraged and which MMT engines are used?
RQ1.4 How are model-to-text transformations (MTTs) leveraged to generate code, including complete, configured security infrastructures?
Sub-Research Questions
RQ1.5 Have any case studies been performed to evaluate the approaches? If yes, what results have been obtained? What other evaluation methods (other than case studies) have been applied to evaluate these approaches?
RQ1.6 Which application domains have been addressed in MDS approaches?
RQ2: What are the current limitations of each approach?
RQ3: What are the open issues to be further investigated?
( “model-driven” OR “model based” OR MDA OR MDE OR model* OR UML ) AND ( specify* OR design* ) AND ( transform* OR “code generation” ) AND security
Selection Criteria
IEEE Xplore
ACM Digital Library
ISI Web of Knowledge
Science Direct
Springer
Evaluation Criteria - A Taxonomy of MDS
Security concerns/mechanisms
Modeling approaches
Model-to-model transformations (MMTs)
Model-to-text transformations (MTTs)
Evaluation methods
Application domains
Results
Security concerns addressed by MDS. Why is Authorization tackled the most?
Aspect-Oriented Modeling vs. Non-AOM
Results
Model-to-model transformations
Results
Model-to-code transformations
Results
Application domains
Results in detail.
Primary Approaches
Future Work
• Ensure the final set contains the full selection of the most relevant MDS papers.
– Manual search
– Adopt the “snowballing” strategy
• Expand the discussion in more detail, e.g. trend analysis.
• Expand the comparison of all MDS approaches.
• More information? Interested? => our paper is available!
• Twitter: @nguyenhongphu
The End! Q&A