Preserving Confidentiality in Component Compositions

Abstract : The preservation of any security property for the composition of components in software engineering is typically regarded a non-trivial issue. Amongst the different possible properties, confidentiality however poses the most challenging one. The naive approach of assuming that confidentiality of a composition is satisfied if it is provided by the individual components may lead to insecure systems as specific aspects of one component may have undesired effects on others. In this paper we investigate the composition of components that each on its own provide confidentiality of their data. We carve out that the complete behaviour between components needs to be considered, rather than focussing only on the single interaction points or the set of actions containing the confidential data. Our formal investigation reveals different possibilities for testing of correct compositions of components, for the coordinated distributed creation of composable components, and for the design of generally composable interfaces, ensuring the confidentiality of the composition.
Type de document :
Communication dans un congrès
Walter Binder; Eric Bodden; Welf Löwe. 12th International Conference on Software Composition (SC), Jun 2013, Budapest, Hungary. Springer, Lecture Notes in Computer Science, LNCS-8088, pp.33-48, 2013, Software Composition. 〈10.1007/978-3-642-39614-4_3〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01492775
Contributeur : Hal Ifip <>
Soumis le : lundi 20 mars 2017 - 15:34:54
Dernière modification le : mardi 16 janvier 2018 - 15:43:54
Document(s) archivé(s) le : mercredi 21 juin 2017 - 13:12:17

Fichier

978-3-642-39614-4_3_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Andreas Fuchs, Sigrid Gürgens. Preserving Confidentiality in Component Compositions. Walter Binder; Eric Bodden; Welf Löwe. 12th International Conference on Software Composition (SC), Jun 2013, Budapest, Hungary. Springer, Lecture Notes in Computer Science, LNCS-8088, pp.33-48, 2013, Software Composition. 〈10.1007/978-3-642-39614-4_3〉. 〈hal-01492775〉

Partager

Métriques

Consultations de la notice

26

Téléchargements de fichiers

21