Using Multi-Level Security Annotations to Improve Software Assurance
Current annotation technologies suffer from poor coverage over the development process phases, limited support for the broad scope of the security requirement types and inadequate interconnection between different process phases. In this paper, we introduce the concept of multi-level security annotation for software artifacts, which addresses these problems. Multi-level security annotations are traceable trough the development phases to provide a light-weight, user-friendly alternative to full-fledged assurance methodologies and simplify the system evolution over time with respect to security.
Eryk Kylikowski Riccardo Scandariato Wouter Joosen
DistriNet, Dept.of Computer Science, K.U.Leuven Celestijnenlaan 200A B-3001 Leuven, Belgium
国际会议
11th IEEE High Assurance Systems Engineering Symposium(HASE 2008)(第十一届IEEE高可信系统工程国际研讨会)
南京
英文
471-474
2008-12-03(万方平台首次上网日期,不代表论文的发表时间)