Dealing with Uncertainty in Architectural Confidentiality Analysis
Hahner, Sebastian
Abstract (englisch):
In a connected world, confidentiality becomes increasingly critical. To cope with confidentiality on a higher abstraction level of software systems, architectural analyses have been proposed. By explicitly modeling data in the system design, the validity of access control policies can be ensured. However, the required information for such analyses is often too imprecise due to the high degree of uncertainty at design-time which results in incomplete and inaccurate policies. In this paper, we describe three key challenges while facing uncertainty and show how software architects could be supported in enhancing confidentiality throughout software design and evolution.
| Zugehörige Institution(en) am KIT | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL) |
| Publikationstyp | Proceedingsbeitrag |
| Publikationsdatum | 23.02.2021 |
| Sprache | Englisch |
| Identifikator | KITopen-ID: 1000138830 |
| HGF-Programm | 46.23.03 (POF IV, LK 01) Engineering Security for Mobility Systems |
| Erschienen in | Proceedings of the Software Engineering 2021 Satellite Events |
| Veranstaltung | GI Software Engineering Tagung (SE 2021), Online, 22.02.2021 – 26.02.2021 |
| Verlag | Gesellschaft für Informatik (GI) |
| Seiten | 1–6 |
| Bemerkung zur Veröffentlichung | 8th Collaborative Workshop on Evolution and Maintenance of Long-Living Software Systems (EMLS'21) |
| Schlagwörter | Software Architecture, Confidentiality, Access Control, Uncertainty |