
Security Pattern Mining and Certification: An Evidence-Based Approach






Presentation Transcript


  1. Security Pattern Mining and Certification: An Evidence-Based Approach
     Jungwoo Ryoo and Phillip Laplante, Penn State University
     Rick Kazman, University of Hawaii

  2. Background: Software Patterns
     • Recurring problems
     • Well known solutions
     • Example: how to build a castle
     • No need to start from scratch
     • Gang of Four: Erich Gamma et al., Design Patterns. Addison Wesley, 1994.
     Penn State University / University of Hawaii

  3. Background: Types of Patterns
     [Figure: architectural patterns and design patterns placed on the software development life cycle (Inception, Requirements Elicitation, Early Design, Analysis, Detailed Design, Implementation, Testing, Deployment); architectural patterns sit at early design, design patterns at detailed design]

  4. Background: Architectural vs. Design Patterns
     • Architectural pattern: addresses overarching/cross-cutting concerns such as
       • Security
       • Performance
       • Usability
       • Modifiability
       • Reusability
     • Design pattern: addresses functional requirements

  5. Background: Patterns Community
     [Figure only]

  6. Motivation: Architectural Pattern Characteristics
     • Community-driven
     • Size
     • Context-bound
     • Problem domain-specific
     • Multiple forces
     • Quality attributes

  7. Motivation: Architectural Patterns: Shortcomings
     • Community-driven
     • Long turn-around time

  8. Motivation: Architectural Patterns: Shortcomings
     • Still too concrete and restricting as a starting point (not malleable)
     • Need for a more primitive concept
     • Something that maps directly to a particular concern such as security

  9. Motivation: Architectural Patterns: Shortcomings
     • Already interwoven solutions, due to their multi-force nature
     • No rigorous way to verify the
       • Effectiveness in addressing a particular quality attribute
       • Influence on other quality attributes

  10. Our Approach: Introducing Tactics
     • More fine-grained concept than architectural patterns
     • Decomposition of an architectural pattern
     • Identification of the building blocks of an architectural pattern
     • Mapping between a single quality attribute and an architectural pattern
     • Establishing the traceability

  11. Our Approach: Types of Patterns
     [Figure: tactics, architectural patterns and design patterns placed on the software development life cycle (Inception, Requirements Elicitation, Very Early Design, Early Design, Analysis, Detailed Design, Implementation, Testing, Deployment); tactics sit at very early design, architectural patterns at early design, design patterns at detailed design]

  12. Our Approach: Tactics: Benefits
     • No more guess work: architects know exactly why they need a pattern!
     • Easier verification of effectiveness
     • Problem: privilege escalation. Solution: privilege separation.
       vs.
     • Problem: separation of concerns in Web applications. Solution: MVC (Model View Controller).

  13. Ongoing Research: After-the-Fact Security Solutions
     • Today’s software security research mainly focuses on:
       • Testing
       • Static code analysis using software tools
     • Example
       • The Open Source Hardening Project
       • Coverity® tool

  14. Ongoing Research: Analogy: a Secure Building vs.
     [Figure only]

  15. Security Tactics Hierarchy
     [Figure only]

  16. Ongoing Research: Ultimate Goal of our Research
     • Proactively building a repository of high-level design strategies (referred to as tactics) whose effectiveness is verifiable, to help software architects develop their own customized structural design that is both secure and problem-specific.

  17. Ongoing Research: What about a Community Process?
     • Of course, this repository could be built naturally through a community process based on consensus
     • Problems
       • Time
       • Verification

  18. Ongoing Research: Methodology for Mining Tactics
     • We propose that tactics be mined proactively from the existing
       • Open source code base and
       • Patterns.
     • Currently, many tactics are misidentified as patterns.

  19. Ongoing Research: Methodology for Scientific Verification
     • Open source projects can serve as a proving ground for scientifically verifying the effectiveness of a tactic.

  20. Ongoing Research: Evidence-Based SE through Open Source
     • The methodology
       • Identify
         • Multiple open source projects
         • Defect and tactic pairs (for example, privilege escalation and privilege separation)
       • Compare the number of defects
         • Before and after the tactic within the same open source project, by tracking the history of the defects
         • With or without the tactic among multiple open source projects
       • Analysis: if the number of relevant defects goes down (before vs. after) or is smaller (with vs. without), the tactic is effective
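The before/after and with/without comparison sketched on this slide, as an added example that is not part of the talk: a small Python script that applies the slide's rule to a constructed defect history. Project names, dates and the "privilege separation" adoption date are assumed sample values; the defect rate is normalised per year so that windows of unequal length can be compared.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Defect:
    project: str
    reported: date
    category: str  # defect class the tactic is meant to address

# Constructed sample history, not data from the talk: projA adopts privilege
# separation on 2008-01-01, projB never does.
ADOPTION = {"projA": date(2008, 1, 1), "projB": None}
DEFECTS = [
    Defect("projA", date(2006, 3, 1), "privilege-escalation"),
    Defect("projA", date(2006, 9, 1), "privilege-escalation"),
    Defect("projA", date(2007, 11, 1), "buffer-overflow"),
    Defect("projA", date(2009, 2, 1), "privilege-escalation"),
    Defect("projB", date(2008, 6, 1), "privilege-escalation"),
    Defect("projB", date(2009, 3, 1), "privilege-escalation"),
]

def defects_per_year(defects, project, category, start, end):
    """Defects of one category reported by a project in [start, end), per year."""
    n = sum(1 for d in defects if d.project == project
            and d.category == category and start <= d.reported < end)
    return n * 365.25 / (end - start).days

def within_project(defects, project, category, adoption, years=2):
    """Before/after comparison around the adoption date, same project."""
    lo = adoption.replace(year=adoption.year - years)
    hi = adoption.replace(year=adoption.year + years)
    return (defects_per_year(defects, project, category, lo, adoption),
            defects_per_year(defects, project, category, adoption, hi))

def across_projects(defects, adoption, category, start, years=2):
    """Same window: mean rate in projects that had the tactic at `start` vs not."""
    end = start.replace(year=start.year + years)
    rates = {True: [], False: []}
    for p, adopted in adoption.items():
        had = adopted is not None and adopted <= start
        rates[had].append(defects_per_year(defects, p, category, start, end))
    return tuple(sum(r) / len(r) if r else float("nan") for r in (rates[True], rates[False]))

def tactic_effective(defects, adoption, project, category):
    """Slide 20 rule: rate goes down after adoption and is smaller than without."""
    adopted = adoption[project]  # the project must have adopted the tactic
    before, after = within_project(defects, project, category, adopted)
    with_t, without = across_projects(defects, adoption, category, adopted)
    return after < before and with_t < without
```

The "buffer-overflow" category acts as a control: privilege separation is not paired with it, and the cross-project comparison correctly refuses to credit the tactic for it.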

  21. Publications
     Jungwoo Ryoo, Phil Laplante and Rick Kazman, "In Search of Architectural Patterns for Software Security," Computer, 42(6): 98-100, June 2009.

  22. Questions and Answers

  23. Relationship between Tactics and Patterns
     • Tactics
       • Help architects with an initial architectural design process
       • Are building blocks of a pattern
       • Establish direct traceability between specific quality attributes and a pattern

  24. Differences between Tactics and Patterns
     • Atomicity
     • Force limitation
     • Problem specificity
     • Completeness
     • Tradeoffs between forces

  25. Ongoing Research: Mining Tactics from Patterns
     • Security
       • Compartmentalization: “Put each part in a separate security domain. Even when the security of one part is compromised, the other parts remain secure.”
     [Figure: tactic hierarchy Security > Resisting Attacks > Limit Access > Compartmentalization]

  26. Example Tactics and Patterns
     “The authenticator pattern performs authentication of a requesting process before deciding access to distributed objects.”
