Advanced Search

Content Type

Topics

Publication Date

Architecture-Centric Approach to Predicting Security

  • Publish Date:
  • Publisher: Software Engineering Institute
  • Type: Brochure
  • Topics: Performance and Dependability, Software Architecture
  • Description: This information sheet describes an approach to security analysis that allows software validation by identifying data elements to be protected, components that should be allowed access to those elements, and appropriate communication channels.

Abstract

The SEI has developed model-based engineering tools, methods, and analytical techniques to validate security according to flow-based approaches and standard security protocols such as Bell-LaPadula, Chinese Wall, and role-based access control. The SEI approach allows software validation by identifying data elements to be protected, components that should be allowed access to those elements, and appropriate communication channels. This analysis permits the designer to enforce security at the minimum level required, use sanitization, and map software architecture to hardware.