Architecture Based Self-Protecting Software Systems

Title: Architecture Based Self-Protecting Software Systems
Publication Type: Conference Proceedings
Year of Publication: 2013
Authors: Eric Yuan, Sam Malek, Bradley Schmerl, David Garlan, Jeffrey Gennari
Conference Name: QoSA '13 Proceedings of the 9th international ACM Sigsoft conference on Quality of software architectures
Date Published: 06/2013
Publisher: ACM New York, NY, USA ©2013
Conference Location: Vancouver, British Columbia, Canada
ISBN: 978-1-4503-2126-6
Keywords: CMU, Self-Protection; Software Architecture; Software Security
Abstract

Since conventional software security approaches are often manually developed and statically deployed, they are no longer sufficient against today's sophisticated and evolving cyber security threats. This has motivated the development of self-protecting software that is capable of detecting security threats and mitigating them through runtime adaptation techniques. In this paper, we argue for an architecture-based self-protection (ABSP) approach to address this challenge. In ABSP, detection and mitigation of security threats are informed by an architectural representation of the running system, maintained at runtime. With this approach, it is possible to reason about the impact of a potential security breach on the system, assess the overall security posture of the system, and achieve defense in depth. To illustrate the effectiveness of this approach, we present several architecture adaptation patterns that provide reusable detection and mitigation strategies against well-known web application security threats. Finally, we describe our ongoing work in realizing these patterns on top of Rainbow, an existing architecture-based adaptation framework.

DOI: 10.1145/2465478.2465479
Citation Key: node-30117

Other available formats:

Yuan_Arch_Based_Self_Protecting_DG.pdf (PDF document, 1.03 MB)