DPS: An Architectural Style for Development of Secure Software

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2437)

Abstract

Many claim that software systems must be designed for security. This, however, is far from an easy task, especially for complex systems. We believe that the difficulty can be alleviated by a set of (preferably rigorous) principles. We propose an architectural style, the Dual Protection Style (DPS), for constructing secure software. This style results from our experience in designing and implementing a distributed, multi-user, medium-sized application. We demonstrate the applicability and effectiveness of the DPS style through a case study of Motion, a distributed software platform for virtual and mobile team collaboration. We further elaborate on the description of this architectural style, its formalization, and the formal verification of some of its properties.

This work is supported by the European Commission in the framework of the IST Programme, Key Action II on New Methods of Work and eCommerce. Project number: IST-1999-11400 Motion (MObile Teamwork Infrastructure for Organizations Networking).



Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

Cite this paper

Fenkam, P., Gall, H., Jazayeri, M., Kruegel, C. (2002). DPS: An Architectural Style for Development of Secure Software. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_13

  • DOI: https://doi.org/10.1007/3-540-45831-X_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44309-4

  • Online ISBN: 978-3-540-45831-9
