000000018 001__ 18
000000018 005__ 20130522141940.0
000000018 037__ $$aLERSSE-RefJnlPaper-2005-002
000000018 041__ $$aeng
000000018 100__ $$aYi Deng
000000018 100__ $$aJiacun Wang
000000018 100__ $$aJeffrey J. P. Tsai
000000018 100__ $$aKonstantin Beznosov	
000000018 245__ $$aSupporting end-to-end Security Across Proxies with Multiple-Channel SSL
000000018 260__ $$c2005-10-16
000000018 520__ $$aSecurity system architecture governs the composition of components in security systems and interactions between them. It plays a central role in the design of software security systems that ensure secure access to distributed resources in networked environment. To this end, the security system must not only make constituent components work together, but also ensure that the components as a whole behave consistently and guarantee certain end-to-end properties. One such critical property is that the system as a whole must consistently assure security policies that it supposes to enforce. However, there is currently no rigorous and systematic ways to predict and assure such critical properties in security system design. In this paper, a systematic approach is introduced to address the problem. We present a methodology to model security system architectures and to verify whether required security constraints are assured by the composition of its components. We introduce the concept of security constraint patterns, which formally specify the generic form of security policies that all implementations of the system architecture must enforce. The analysis of the architecture is driven by the propagation of the global security constraints onto the components in an incremental process. We show that our methodology is both flexible and scalable. It is argued that such a methodology not only ensures the integrity of critical early design decisions, but also provides a framework to guide correct implementations of the design. We demonstrate the methodology through a case study, in which we model and analyze the architecture of the Resource Access Decision (RAD) Facility, an OMG standard for application-level authorization service. 
000000018 6531_ $$asecurity system architectures
000000018 6531_ $$aRAD
000000018 6531_ $$aengineering security mechanisms 
000000018 8560_ $$fqiangw@ece.ubc.ca
000000018 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/18/files/18.pdf$$yTransfer from CDS 0.99.7
000000018 909C4 $$p  Yong Song, Victor C. M. Leung, Konstantin Beznosov, Supporting end-to-end Security Across Proxies with Multiple-Channel SSL, Security and Protection in Information Processing Systems, Vol 147, 2004, 323-337 
000000018 980__ $$aRefJnlPaper