Interaction Partnering Criteria for COTS Components
نویسندگان
چکیده
Commercial-off-the-Shelf (COTS) software provides a choice of products to streamline enterprise applications. COTS software integration can introduce security vulnerabilities due to mismatches between security constraints coupled with inadequate knowledge of interaction requirements. Though a component can be validated against its stand-alone functional and security requirements, two aspects of the validation for its integration are missing. First, no straightforward process exists to guide the developer in identifying integration-induced security risks. Second, interaction properties contributing security risks are not part of COTS product evaluation. In the former case, a process is needed to take advantage of selection criteria. In the latter case, interaction partnering criteria criteria indicating how closely related the security constraints of two potentially communicating components are must be defined. We examine these issues by defining initial interaction partnering criteria and exploring there use in a security profile for COTS components.
منابع مشابه
A Model for Certifying COTS Components for Product Lines
1 An extended version of this paper will appear in the proceedings of the First Software Product Line Conference, Denver, Colorado, August, 2000 Abstract Specialized forms of software reuse, such as Commercial-Off-The-Shelf (COTS) based development and product line engineering (PLE), have a great deal of potential in practice. Using COTS components in developing product lines can streamline the...
متن کاملCriticality Analysis for COTS Software Components
Understanding the impact of the failure of a COTS software component with respect to key system properties (e.g. safety) is crucial to the successful use of COTS software products in a critical (safety-, security-, or mission-critical) application. In this paper, we describe a criticality analysis method based upon software architecture to assess the failure impact of potential COTS software co...
متن کاملChapter 53 Applying Social - Technical Approach for Cots Selection
Selecting Commercial-Off-The-Shelf (COTS) software components to fit requirements is still a problem because of the "black box" nature of COTS components and the rapid changes in marketplace. This paper describes the problems of COTS software evaluation and reviews existing frameworks to support COTS software evaluation and selection. Although a number of initiatives have been proposed to deal ...
متن کاملEarly Detection of Cots Functional Suitability for an E-Payment Case Study
The adoption of COTS-based development brings with it many challenges about the identification and finding of candidate components for reuse. Particularly, the first stage in the identification of COTS candidates is currently carried out dealing with unstructured information on the Web, which makes the evaluation process highly costing when applying complex evaluation criteria. To facilitate th...
متن کاملThe Requirements for a Cots Software Component: a Case Study
The goal of the GUARDS project is to design and develop a generic fault-tolerant computer architecture that can be built from predefined standardised components. The architecture favours the use of commercial off-the-shelf (COTS) hardware and software components. However, the assessment and selection of COTS components is a non-trivial task as it requires balancing a myriad of requirements from...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006