DPS: An Architectural Style for Development of Secure Software

  • Pascal Fenkam
  • Harald Gall
  • Mehdi Jazayeri
  • Christopher Kruegel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2437)


Many claim that software systems must be designed for security. This, however, is far from being an easy task, especially for complex systems. We believe that this difficulty can be alleviated by a set of —preferably rigorous— principles. We propose an architectural style, the Dual Protection Style (DPS), for constructing secure software. This style results from our experience in designing and implementing a distributed, multi-user, medium sized application. We present the applicability and effectiveness of our DPS style on the basis of a case study of a distributed software platform for virtual and mobile team collaboration called Motion. We further elaborate on the description of this architectural style, its formalization and the formal verification of some of its properties.


Authorization and Access Control Security Engineering Formal Methods Software Architecture Architectural Style Alloy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lee Badger, Daniel F. Sterne, David L. Sherman, and Kenneth M. Walker. A domain and type enforcement UNIX prototype. USENIX Computing Systems, 9(1):47–83, 1996.Google Scholar
  2. 2.
    C.A.R Hoare. Communicating Sequential Processes. Prentice Hall, 1985.Google Scholar
  3. 3.
    Premkumar Devanbu and Stuart Stubblebine. Software engineering for security: a roadmap. In ICSE 2000 Special Volume on The Future of Software Engineering, 2000.Google Scholar
  4. 4.
    Antoni Diller. Z:An Introduction To Formal Methods. Oreilly, Mai 1996.Google Scholar
  5. 5.
    Pascal Fenkam, Harald Gall, and Mehdi Jazayeri. Visual Requirements Validation: Case Study in a Corba-supported environment. In Proceedings of the 10th IEEE Joint International RequirementsEngineering Conference, Essen, Germany, page to appear, September 2002.Google Scholar
  6. 6.
    Pascal Christian Fenkam. Dynamic user management system for web sites. Master’s thesis, Graz University of Technology and Vienna University of Technology, September 2000. Available from http//www.ist.tu-graz.ac.at/publications.
  7. 7.
    Anup K Ghosh. Building software component from the ground up. IEEE Software, 19(1):14–16, January 2002.CrossRefGoogle Scholar
  8. 8.
    GMD. Xql ipsi, http://xml.darmstadt.gmd.de/xql/, 2002.
  9. 9.
    Anthony Hall and Roderick Chapman. Correctness by construction: Developing a commercial secure system. IEEE Software, pages 18–25, February 2002.Google Scholar
  10. 10.
    Michael Howard and David LeBlanc. Writing Secure Code. Microsoft Press, 2001.Google Scholar
  11. 11.
    Daniel Jackson. Alloy: A lightweight object modelling notation. ACM Transactions on Software Engineering Methododlogy, 11(2), April 2002.Google Scholar
  12. 12.
    Daniel Jackson. Automatic analysis of architectural styles. Technical report, MIT Laboratory for Computer Sciences, Software Design Group, Unpublished Manuscript. Available at http://sdg.lcs.mit.edu/ dnj/publications.html.
  13. 13.
    Kernighan and Pike. The Unix Programming Environment. Prentice Hall, April 1984.Google Scholar
  14. 14.
    Engin Kirda, Pascal Fenkam, Gerald Reif, and Harald Gall. A service architecture for mobile teamwork. In Proceedings of the 14th International Conference on Software Engineering Conference and Knowledge Engineering Ischia, ITALY, July 2002.Google Scholar
  15. 15.
    Charlie Lai, Li Gong, larry Koved, Anthony Nadalin, and Roland Schemers. User Authentication and Authorization in The Java Platform. In Proceedings of the 15thA nnual Computer Security Conference, Phoenix, AZ, December 1999.Google Scholar
  16. 16.
    Marry Shaw and David Garlan. Software Architecture-Perspectives on an Emerging Discipline. Prentice Hall, 1996.Google Scholar
  17. 17.
    Gary McGraw. Penetrate and patch is bad. IEEE Software, pages 15–16, February 2002.Google Scholar
  18. 18.
    Gary McGraw and Edward W. Felten. Securing Java, Getting Down to Business with Mobile Code. John Wiley and Sons, Inc, 1999.Google Scholar
  19. 19.
    Gian Pietro Picco and Gianpaolo Cugola. PeerWare: Core Middleware Support for Peer-To-Peer and Mobile Systems. Technical report, Dipartimento di Electronica e Informazione, Politecnico di Milano, 2001.Google Scholar
  20. 20.
    Nico Plat and Peter Gorm Larsen. An Overview of the ISO/VDM-SL Standard. In ACM SIGPLAN Notices. ACM SIGPLAN, September 1992.Google Scholar
  21. 21.
    Gerald Reif, Engin Kirda, Harald Gall, Gian Pietro Picco, Gianpaola Cugola, and Pascal Fenkam. A web-based peer-to-peer architecture for collaborative nomadic working. In 10th IEEE Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE), Boston, MA, USA. IEEE Computer Society Press, June 2001.Google Scholar
  22. 22.
    Michael P. Ressler. Security sensitive software development. In IEEE International Carnahan Conference on Security Technology (ICCST), 1989.Google Scholar
  23. 23.
    Sun Microsystem. Security code guidelines. Technical report, Sun Microsystem, February 2000. Available at http://java.sun.com/security/seccodeguide.html.
  24. 24.
    The Institute of Applied Computer Science, IFAD. The IFAD VDM Toolbox. IFAD Danemark, 1999. Available from http://www.ifad.dk.
  25. 25.
    The Open Group. Guide to Security Patterns, Draft 1. The Open Group, April 2002. Available at http://www.opengroup.org.
  26. 26.
    Frank Tip and Jens Palsberg. Scalable Propagation-based Call Graph Construction Algorithms. In Proceedings of the ACM Conference on Object Oriented Programming Systems, Languages and Applications (OOPSLA 2000). ACM Press, October 2000.Google Scholar
  27. 27.
    John Viega and Gary McGraw. Building Secure Software, How to Avoid Security Problems the Right Way. Addison Wesley Professional Computing Series, 2002.Google Scholar
  28. 28.
    Joseph Yoder and Jeffrey Barcalow. Architectural patterns for enabling application security. In Proceedings of the Pattern Languages of Programming (PLoP) Workshop, September 1997.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Pascal Fenkam
    • 1
  • Harald Gall
    • 1
  • Mehdi Jazayeri
    • 1
  • Christopher Kruegel
    • 1
  1. 1.Distributed Systems GroupTechnical University of ViennaVienna

Personalised recommendations