Architecture-Centric Approach to Predicting Security
• Brochure
This information sheet describes an approach to security analysis that allows software validation by identifying data elements to be protected, components that should be allowed access to those elements, and appropriate communication channels.
Publisher
Software Engineering Institute
Abstract
The SEI has developed model-based engineering tools, methods, and analytical techniques to validate security according to flow-based approaches and standard security protocols such as Bell-LaPadula, Chinese Wall, and role-based access control. The SEI approach allows software validation by identifying data elements to be protected, components that should be allowed access to those elements, and appropriate communication channels. This analysis permits the designer to enforce security at the minimum level required, use sanitization, and map software architecture to hardware.