Verification of Access Control Policies in Software Architectures

Aus SDQ-Institutsseminar
Vortragende(r) Julian Hinrichs
Vortragstyp Bachelorarbeit
Betreuer(in) Stephan Seifermann
Termin Fr 5. Oktober 2018
Kurzfassung Security in software systems becomes more important as systems becomes more complex and connected. Therefore, it is desirable to to conduct security analysis on an architectural level. A possible approach in this direction are data-based privacy analyses. Such approaches are evaluated on case studies. Most exemplary systems for case studies are developed specially for the approach under investigation. Therefore, it is not that simple to find a fitting a case study. The thesis introduces a method to create usable case studies for data-based privacy analyses. The method is applied to the Community Component Modeling Example (CoCoME). The evaluation is based on a GQM plan and shows that the method is applicable. Also it is shown that the created case study is able to check if illegal information flow is present in CoCoME. Additionally, it is shown that the provided meta model extension is able to express the case study.