Extending a secure development methodology to distributed systems - PowerPoint PPT Presentation

Slides: 16
Provided by: Pers265
Learn more at: https://www.cse.fau.edu

Transcript and Presenter's Notes


1
Extending a secure development methodology to
distributed systems
  • Yamile Villafuerte
  • Florida Atlantic University
  • Advisor: Eduardo B. Fernandez

2
Agenda
  • Methodology Overview
  • Extending the methodology to distributed
    applications
  • Financial Institution Example
  • Conclusions

3
Methodology Overview
  • Security principles must be applied at every
    development stage
  • Requirements: List of all possible attacks.
    Deduce policies to mitigate attacks.
  • Analysis: Analysis patterns with predefined
    authorizations based on roles.
  • Design: Interfaces can be used to enforce
    authorizations. Distribution provides another
    dimension where security restrictions can be
    applied.

4
Extending the Methodology
Choices at the design stage for distributed
applications
5
Extending the Methodology
  • How can we keep consistency of the security
    constraints across all development stages?
  • How can we represent security constraints in the
    lower levels?
  • What are the implications of wireless devices in
    our design models?
  • Representation using UML deployment diagrams

6
Wireless Devices Challenges
  • Limitations
  • Limited power
  • Limited communications bandwidth
  • Limited processing power
  • Relatively unreliable network connection
  • Mobile
  • Tend to get destroyed accidentally or maliciously
  • Have effect on security

7
Mapping I
8
Mapping II
  • XACML will allow us to express the security
    constraints defined in the conceptual model in
    XML
  • Simplified versions of security standards.

9
Authorization rule using XACML
"Permit manager to open account." There is a lot
of XML notation there, but essentially the rule
permits a specific subject to perform a specific
action against a specific resource.
10
A Financial Institution Example
Use Case Diagram
11
Analysis Model with RBAC Authorization
12
Design Model
13
Correspondence of Rights
  • Rights defined for Customer (subject)
  • Views and wireless devices receive a subset of
    these rights.
  • Example: A wireless device cannot download a
    complete list of transactions (limited number of
    records), but can read balance.
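
The subject/action/resource rule from slide 9 and the correspondence of rights on this slide, as an added example that is not code from the presentation. It uses a simplified Python rule check instead of XACML XML; the channel names, the record cap of 10, the deny-by-default choice and all function names are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """Simplified XACML-style rule: Permit when subject, action and resource all match."""
    subject: str   # role from the RBAC analysis model
    action: str
    resource: str

# Role-level rights (analysis stage). Constructed sample policy.
ROLE_RULES = {
    Rule("manager", "open", "account"),
    Rule("customer", "read", "balance"),
    Rule("customer", "read", "transactions"),
}

# Design stage: rights each channel receives, with an optional record cap.
# Channel names and the cap of 10 are assumptions for illustration.
CHANNEL_RIGHTS = {
    "web":      {Rule("customer", "read", "balance"): None,
                 Rule("customer", "read", "transactions"): None},
    "wireless": {Rule("customer", "read", "balance"): None,
                 Rule("customer", "read", "transactions"): 10},
}

def inconsistent_channel_rights():
    """Return channel rights that have no matching role-level rule (should be empty)."""
    return [(ch, r) for ch, rights in CHANNEL_RIGHTS.items()
            for r in rights if r not in ROLE_RULES]

def decide(subject, action, resource, channel=None):
    """Return (decision, record_cap). Deny unless a rule explicitly permits."""
    rule = Rule(subject, action, resource)
    if rule not in ROLE_RULES:
        return ("Deny", None)
    if channel is None:               # request not mediated by a view or device
        return ("Permit", None)
    rights = CHANNEL_RIGHTS.get(channel, {})
    if rule not in rights:            # right not delegated to this channel
        return ("Deny", None)
    return ("Permit", rights[rule])

def fetch_transactions(all_records, subject, channel):
    """Enforce the decision: truncate the result to the channel's record cap."""
    decision, cap = decide(subject, "read", "transactions", channel)
    if decision != "Permit":
        raise PermissionError(f"{subject} may not read transactions via {channel}")
    return all_records if cap is None else all_records[-cap:]
```

Running `inconsistent_channel_rights()` whenever the channel table changes checks that no view or device is granted a right the role-level model lacks.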

14
Correspondence of Rights
15
Conclusions and future work
  • We presented some ideas on how to map
    applications and security constraints defined in
    the analysis stage.
  • More work needs to be done to elaborate
    simplified versions of the security standards for
    web services and to map distribution and
    hardware.