Accéder directement au contenu Accéder directement à la navigation
Communication dans un congrès

Contract-based design patterns: a design by contract approach to specify security patterns

Abstract : With the ever growing digitization of activities, software systems are getting more and more complex. They must comply with new usages, varied needs, and are permanently exposed to new security vulnerabilities. Security concerns must be addressed throughout the entire development process and in particular through appropriate architectural choices. The security patterns are the founding principles to provide the architectural and design guidelines. Nevertheless, researchers have pointed out the need for further research investigations to improve quality and effectiveness of security patterns. In this paper, we focus on enhancing security patterns specification to improve the security of the systems using them. Thus, to reach this goal, we present a formal Design by Contract approach to improve the behavioral definition of the security patterns. This approach seeks to define both functional behavior and implicit parts of security design patterns. Our approach includes the contract formalization of security patterns and a comparative implementation on two Java annotation frameworks. The application of the proposal in a proof of concept case highlights the security enforcement at design time or on a legacy source code.
Type de document :
Communication dans un congrès
Liste complète des métadonnées
Contributeur : Marie Briec <>
Soumis le : lundi 5 octobre 2020 - 16:02:12
Dernière modification le : mercredi 14 octobre 2020 - 04:18:59



Caine Silva, Sylvain Guérin, Raúl Mazo, Joël Champeau. Contract-based design patterns: a design by contract approach to specify security patterns. 15th International Conference on Availibitlity, Reliability ans Security, ARES 2020, Association for Computing Machinery (ACM), Aug 2020, Virtual Event, Ireland. pp.1-9, ⟨10.1145/3407023.3409185⟩. ⟨hal-02958111⟩



Consultations de la notice