
1 Security Pattern Mining and Certification: An Evidence-Based Approach
Jungwoo Ryoo and Phillip Laplante, Penn State University
Rick Kazman, University of Hawaii

2 Software Patterns (Background)
Recurring problems
- Well-known solutions
- Example: how to build a castle
No need to
- Start from scratch
Gang of Four
- Erich Gamma et al., Design Patterns. Addison-Wesley, 1994.
12/18/2009, Penn State University, University of Hawaii

3 Types of Patterns (Background)
[Figure: the software development life cycle (Inception, Requirements Elicitation, Analysis, Early Design, Detailed Design, Implementation, Testing, Deployment), with Architectural Patterns placed at Early Design and Design Patterns at Detailed Design]

4 Architectural vs. Design Patterns (Background)
Architectural pattern
- Addresses overarching/cross-cutting concerns such as
  - Security
  - Performance
  - Usability
  - Modifiability
  - Reusability
Design pattern
- Addresses functional requirements

5 Patterns Community (Background)
[Figure: the patterns community]

6 Architectural Pattern Characteristics (Motivation)
Community-driven
- Size
Context-bound
- Problem domain-specific
Multiple forces
- Quality attributes

7 Architectural Patterns: Shortcomings (Motivation)
Community-driven
- Long turn-around time

8 Architectural Patterns: Shortcomings (Motivation)
Still too
- concrete and
- restricting as a starting point (not malleable)
Need for a more primitive concept
- Something that maps directly to a particular concern such as security

9 Architectural Patterns: Shortcomings (Motivation)
Already interwoven solutions, due to their multi-force nature
- No rigorous way to verify the
  - Effectiveness in addressing a particular quality attribute
  - Influence on other quality attributes

10 Introducing Tactics (Our Approach)
More fine-grained concept than architectural patterns
- Decomposition of an architectural pattern
  - Identification of the building blocks of an architectural pattern
- Mapping between a single quality attribute and an architectural pattern
  - Establishing the traceability

11 Types of Patterns (Our Approach)
[Figure: the same life-cycle diagram as slide 3 (Inception, Requirements Elicitation, Analysis, Early Design, Detailed Design, Implementation, Testing, Deployment), now with Tactics added at Very Early Design, before Architectural Patterns (Early Design) and Design Patterns (Detailed Design)]

12 Tactics: Benefits (Our Approach)
No more guesswork
- Architects know exactly why they need a pattern!
Easier verification of effectiveness
- Problem: privilege escalation
  - Solution: privilege separation
vs.
- Problem: separation of concerns in Web applications
  - Solution: MVC (Model View Controller)

13 After-the-Fact Security Solutions (Ongoing Research)
Today's software security research mainly focuses on:
- Testing
- Static code analysis using software tools
  - Example: the Open Source Hardening Project (Coverity® tool)

14 Analogy: a Secure Building (Ongoing Research)
[Figure: a secure building, shown side by side with its counterpart ("vs.")]

15 Security Tactics Hierarchy
[Figure: the security tactics hierarchy]

16 Ultimate Goal of our Research (Ongoing Research)
Proactively building a repository of high-level design strategies (referred to as tactics) whose effectiveness is verifiable, to help software architects develop their own customized structural design that is both secure and problem-specific.

17 What about a Community Process? (Ongoing Research)
Of course, this repository could be built naturally through a community process based on consensus.
Problems
- Time
- Verification

18 Methodology for Mining Tactics (Ongoing Research)
We propose that tactics be mined proactively from the existing
- Open source code base and
- Patterns.
Currently, many tactics are misidentified as patterns.

19 Methodology for Scientific Verification (Ongoing Research)
Open source projects can serve as a proving ground for scientifically verifying the effectiveness of a tactic.

20 Evidence-Based SE through Open Source (Ongoing Research)
The methodology
- Identify
  - Multiple open source projects
  - Defect and tactic pairs (for example, privilege escalation and privilege separation)
- Compare the number of defects
  - Before and after the tactic within the same open source project, by tracking the history of the defects
  - With or without the tactic among multiple open source projects
- Analysis
  - If the number of relevant defects goes down (within a project) or is smaller (across projects), the tactic is effective
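The comparison described on this slide, carried out on constructed data as an added example (it is not part of the presentation or of the authors' study). The three projects (alpha, beta, gamma), their tactic adoption dates, the defect records and the two defect categories are all made up for illustration. The code follows the slide's two comparisons, before/after within one project and with/without across projects, and adds two checks the slide does not state but a practitioner would want: counts are normalised to defects per year, because the before and after windows differ in length, and an unrelated control category is compared the same way, so that a drop which also appears in unrelated defects is flagged as possible general project maturation rather than an effect of the tactic.

```python
"""Evidence-based check of a security tactic's effectiveness.

Added example on constructed data (not from the slides). A defect record is
(project, report date, category); each project either adopted the tactic on a
given date or never did. Rates are defects per year so that windows of
different length are comparable.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

PRIV = "privilege-escalation"          # defect class the tactic targets
CTRL = "null-pointer-dereference"      # unrelated control class


@dataclass(frozen=True)
class Defect:
    project: str
    reported: date
    category: str


@dataclass(frozen=True)
class Comparison:
    """'without' is before adoption (or a project that never adopted);
    'with' is after adoption."""
    n_without: int
    rate_without: float
    n_with: int
    rate_with: float


def _mk(project: str, category: str, *months: str) -> List[Defect]:
    """Constructed records, one per 'YYYY-MM' (reported on the 1st)."""
    return [Defect(project, date.fromisoformat(m + "-01"), category) for m in months]


# Constructed bug-tracker history for three hypothetical projects.
DEFECTS: List[Defect] = (
    _mk("alpha", PRIV, "2005-02", "2005-06", "2005-11", "2006-03", "2006-08", "2006-12", "2007-09")
    + _mk("alpha", CTRL, "2005-04", "2006-05", "2007-02", "2008-07")
    + _mk("beta", PRIV, "2005-05", "2006-01", "2006-09", "2007-04", "2007-10")
    + _mk("beta", CTRL, "2006-02", "2008-03")
    + _mk("gamma", PRIV, "2005-01", "2005-08", "2006-04", "2006-11", "2007-06", "2008-02", "2008-10")
    + _mk("gamma", CTRL, "2005-07", "2007-03", "2008-09")
)
# Release in which each project adopted the tactic; None = never adopted.
ADOPTION: Dict[str, Optional[date]] = {
    "alpha": date(2007, 1, 1), "beta": date(2008, 1, 1), "gamma": None}
# History window examined.
OBSERVATION = (date(2005, 1, 1), date(2009, 1, 1))


def _count(defects: List[Defect], start: date, end: date) -> int:
    return sum(1 for d in defects if start <= d.reported < end)


def _per_year(n: int, days: int) -> float:
    return n / (days / 365.25) if days > 0 else 0.0


def within_project(project: str, category: str) -> Optional[Comparison]:
    """Slide 20, 'before and after the tactic within the same project'."""
    start, end = OBSERVATION
    cut = ADOPTION[project]
    if cut is None:
        return None                      # nothing to compare against
    mine = [d for d in DEFECTS if d.project == project and d.category == category]
    nb, na = _count(mine, start, cut), _count(mine, cut, end)
    return Comparison(nb, _per_year(nb, (cut - start).days), na, _per_year(na, (end - cut).days))


def pooled_rates(category: str) -> Comparison:
    """Slide 20, 'with or without the tactic among multiple projects':
    pool all project-time without the tactic against all project-time with it."""
    start, end = OBSERVATION
    n_wo = n_w = days_wo = days_w = 0
    for project, cut in ADOPTION.items():
        mine = [d for d in DEFECTS if d.project == project and d.category == category]
        split = cut if cut is not None else end
        n_wo += _count(mine, start, split)
        days_wo += (split - start).days
        if cut is not None:
            n_w += _count(mine, cut, end)
            days_w += (end - cut).days
    return Comparison(n_wo, _per_year(n_wo, days_wo), n_w, _per_year(n_w, days_w))


def verdict(category: str, control: str) -> dict:
    """Slide 20 decision rule plus a control check: the tactic counts as
    effective if the rate goes down in every adopting project and is smaller
    with than without across projects; if the unrelated control class also
    dropped, the result is flagged as possibly confounded by general maturation."""
    per_project = {p: within_project(p, category) for p, c in ADOPTION.items() if c is not None}
    goes_down = all(c.rate_with < c.rate_without for c in per_project.values())
    pooled, ctrl = pooled_rates(category), pooled_rates(control)
    smaller = pooled.rate_with < pooled.rate_without
    return {"goes_down": goes_down, "smaller": smaller,
            "effective": goes_down and smaller,
            "confounded": ctrl.rate_with < ctrl.rate_without,
            "pooled": pooled, "control": ctrl}


if __name__ == "__main__":
    for p in ADOPTION:
        print(p, within_project(p, PRIV))
    print(verdict(PRIV, CTRL))
```

The control comparison is the part worth keeping when applying this to real trackers: a project that simply matured will show fewer defects of every kind after any given date, and only a drop that is specific to the defect class the tactic targets counts as evidence for the tactic.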

21 Publications
Jungwoo Ryoo, Phil Laplante and Rick Kazman, "In Search of Architectural Patterns for Software Security," Computer, 42(6): 98-100, June 2009.

22 Questions and Answers

23 Relationship between Tactics and Patterns
Tactics
- Help architects with an initial architectural design process
- Are building blocks of a pattern
- Establish direct traceability between specific quality attributes and a pattern

24 Differences between Tactics and Patterns
- Atomicity
- Force limitation
- Problem specificity
- Completeness
- Tradeoffs between forces

25 Mining Tactics from Patterns (Ongoing Research)
Compartmentalization
- "Put each part in a separate security domain. Even when the security of one part is compromised, the other parts remain secure."
Position in the security tactics hierarchy: Security > Resisting Attacks > Limit Access > Compartmentalization
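What the two tactics named in this deck look like in code: the privilege separation solution to privilege escalation from slide 12, and the compartmentalization tactic quoted on this slide ("each part in a separate security domain"). This is an added example, not code from the presentation or from any project the authors mined. A privileged broker process owns a signing key and exposes a single operation over a pipe; an unprivileged worker process does all the untrusted parsing and can only send requests. The toy wire format (`<op> <arg>` lines), the HMAC standing in for the privileged operation, the `CRASH` sentinel that simulates a parser crash, and the `BROKER_KEY` value are all constructed for the demonstration. One caveat is built into the comments: both processes run under the same uid here, whereas a real deployment would give the worker its own uid, chroot or sandbox so the OS enforces the boundary the code only models.

```python
"""Privilege separation and compartmentalization in two OS processes.

Added example (not from the slides): a privileged broker holds a signing key
and answers a deliberately narrow set of requests; an unprivileged worker in a
separate process does the untrusted parsing and can only *ask* the broker.
A compromised or crashing worker therefore neither reads the key nor takes
the broker down. Wire format, HMAC operation and CRASH sentinel are constructed.
"""
from __future__ import annotations

import hashlib
import hmac
import json
import subprocess
import sys

# Hypothetical key. A real broker would load it from a file only its own uid
# can read; in this demo both processes run as the same user, which is the one
# boundary the code does not enforce.
BROKER_KEY = b"example-only-broker-key"

# Every operation not in this set is refused, whatever the worker sends.
ALLOWED_OPS = {"sign"}

# Source of the worker process. It turns the toy wire format '<op> <arg>' into
# JSON requests. It never receives BROKER_KEY, only untrusted input.
WORKER_SRC = r"""
import json, sys
for raw in sys.stdin:
    line = raw.rstrip("\n")
    if line == "CRASH":      # stands in for a memory-corruption crash in the parser
        sys.exit(99)
    op, _, arg = line.partition(" ")
    sys.stdout.write(json.dumps({"op": op, "data": arg}) + "\n")
    sys.stdout.flush()
"""


class Broker:
    """Privileged compartment: owns the key, exposes exactly one operation."""

    def __init__(self, key: bytes) -> None:
        self._key = key

    def handle(self, request: object) -> dict:
        # Validate shape as well as operation: the worker is untrusted.
        if not isinstance(request, dict):
            return {"ok": False, "error": "malformed request"}
        op = request.get("op")
        if op not in ALLOWED_OPS:
            return {"ok": False, "error": f"operation {op!r} not permitted"}
        data = request.get("data")
        if not isinstance(data, str) or len(data) > 1024:
            return {"ok": False, "error": "bad data"}
        mac = hmac.new(self._key, data.encode(), hashlib.sha256).hexdigest()
        return {"ok": True, "mac": mac}


def verify_mac(data: str, mac: str, key: bytes = BROKER_KEY) -> bool:
    """Check a MAC the broker produced (for callers that legitimately hold the key)."""
    expected = hmac.new(key, data.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


def run_untrusted(lines: list[str]) -> tuple[list[dict], int]:
    """Feed untrusted lines through a fresh worker process and let the broker
    answer each parsed request. Returns (broker responses, worker exit code)."""
    proc = subprocess.run(
        [sys.executable, "-c", WORKER_SRC],
        input="".join(line + "\n" for line in lines),
        capture_output=True, text=True, timeout=30,
    )
    broker = Broker(BROKER_KEY)
    responses = []
    for out in proc.stdout.splitlines():
        try:
            request = json.loads(out)
        except ValueError:
            request = None           # worker sent garbage: still just a refusal
        responses.append(broker.handle(request))
    return responses, proc.returncode


if __name__ == "__main__":
    # Constructed input: a legitimate request, an attempt by a 'compromised'
    # worker to exfiltrate the key, another request, then a crash that loses
    # the final request but leaves the broker untouched.
    replies, code = run_untrusted(
        ["sign hello", "dump_key please", "sign again", "CRASH", "sign lost"])
    for r in replies:
        print(r)
    print("worker exit code:", code)
```

The traceability the deck asks for is visible in the structure: the single quality concern (no privilege escalation from a parser bug) maps to exactly one mechanism (the worker holds no key and the broker's `ALLOWED_OPS` allowlist), which is what makes the tactic's effect verifiable in a way an interwoven pattern is not.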

26 Tactics and Patterns
Example: "The authenticator pattern performs authentication of a requesting process before deciding access to distributed objects."

