This paper presents a set of transformation rules for transforming a non-secure interaction model to a secure interaction model using an access control pattern. The transformation rules resolve conflicts, uncertainties and type mismatches that may arise during pattern application. We demonstrate a case study using the Mandatory Access Control pattern and a defense messaging system in the milita...

Two basic paradigms towards speciication of information security requirements can be taken: continuous speciication and early speciication of requirements. In models supporting continuous specii-cation and reenement of information security requirements, the development organization is more vulnerable to the tampering with partially speciied requirement primitives. This paper proposes a formal m...

We show how to extend a coordination language with support for aspect oriented programming. The main challenge is how to properly deal with the trapping of actions before the actual data have been bound to the formal parameters. This necessitates dealing with open joinpoints – which is more demanding than the closed joinpoints in more traditional aspect oriented languages like AspectJ. The usef...

ÐThis paper investigates the problem of inference channels that occur when database constraints are combined with nonsensitive data to obtain sensitive information. We present an integrated security mechanism, called the Disclosure Monitor, which guarantees data confidentiality by extending the standard mandatory access control mechanism with a Disclosure Inference Engine. The Disclosure Infere...

MAC (Mandatory Access Control) has the ability to improve security of Linux operating system dramatically. However, defining and managing proper policy is not easily achieved because program dependencies are usually invisible from system administrators. This paper presents the challenges in providing automatic policy generation based on process execution history.

This paper describes the implementation of an enforcement module for file system security implemented as part of a security architecture for distributed systems which enforces a centrally administered security policy under the Windows NT operating system platform. The mechanism provides mandatory access control, encryption, and auditing on an individual file basis across distributed systems whi...

In this paper we tackle the challenge of providing a generic security architecture for the Android OS that can serve as a flexible and effective ecosystem to instantiate different security solutions. In contrast to prior work our security architecture, termed FlaskDroid, provides mandatory access control simultaneously on both Android’s middleware and kernel layers. The alignment of policy enfo...

With the growing use of wireless networks and mobile devices, we are moving towards an era where location information will be necessary for access control. The use of location information can be used for enhancing the security of an application, and it can also be exploited to launch attacks. For critical applications, such as the military, a formal model for location-based access control is ne...

The objective of this research is to develop techniques that integrate alternative security concerns (e.g., mandatory access control, delegation, authentication, etc.) into the software process. The resulting model-driven framework preserves separation of security concerns from modeling through implementation, and allows security personnel to pick and choose security concerns to concerns promot...

Cross-app collaboration via inter-component communication is a fundamental mechanism on Android. Although it brings the benefits such as functionality reuse and data sharing, a threat called component hijacking is also introduced. By hijacking a vulnerable component in victim apps, an attack app can escalate its privilege for originally prohibited operations. Many prior studies have been perfor...