Architectural Optimization for Confidentiality Under Structural Uncertainty
Walter, Maximilian
1; Hahner, Sebastian
1; Seifermann, Stephan
1; Bures, Tomas; Hnetynka, Petr; Pacovský, Jan; Heinrich, Robert 1
1 Institut für Informationssicherheit und Verlässlichkeit (KASTEL), Karlsruher Institut für Technologie (KIT)
1; Hahner, Sebastian
1; Seifermann, Stephan
1; Bures, Tomas; Hnetynka, Petr; Pacovský, Jan; Heinrich, Robert 11 Institut für Informationssicherheit und Verlässlichkeit (KASTEL), Karlsruher Institut für Technologie (KIT)
Abstract:
More and more connected systems gather and exchange data. This allows building smarter, more efficient and overall better systems.
However, the exchange of data also leads to questions regarding the confidentiality of these systems. Design notions such as Security by Design or Privacy by Design help to build secure and confidential systems by considering confidentiality already at the design-time.
During the design-time, different analyses can support the architect. However, essential properties that impact confidentiality, such as the deployment, might be unknown during the design-time, leading to structural uncertainty about the architecture and its confidentiality. Structural uncertainty in the software architecture represents unknown properties about the structure of the software architecture. This can be, for instance, the deployment or the actual implementation of a component.
For handling this uncertainty, we combine a design space exploration and optimization approach with a dataflow-based confidentiality analysis. This helps to estimate the confidentiality of an architecture under structural uncertainty.
We evaluated our approach on four application examples. ... mehr
However, the exchange of data also leads to questions regarding the confidentiality of these systems. Design notions such as Security by Design or Privacy by Design help to build secure and confidential systems by considering confidentiality already at the design-time.
During the design-time, different analyses can support the architect. However, essential properties that impact confidentiality, such as the deployment, might be unknown during the design-time, leading to structural uncertainty about the architecture and its confidentiality. Structural uncertainty in the software architecture represents unknown properties about the structure of the software architecture. This can be, for instance, the deployment or the actual implementation of a component.
For handling this uncertainty, we combine a design space exploration and optimization approach with a dataflow-based confidentiality analysis. This helps to estimate the confidentiality of an architecture under structural uncertainty.
We evaluated our approach on four application examples. ... mehr
| Zugehörige Institution(en) am KIT | Institut für Informationssicherheit und Verlässlichkeit (KASTEL) Institut für Programmstrukturen und Datenorganisation (IPD) |
| Publikationstyp | Proceedingsbeitrag |
| Publikationsjahr | 2022 |
| Sprache | Englisch |
| Identifikator | ISBN: 978-3-031-15115-6 ISSN: 0302-9743 KITopen-ID: 1000150491 |
| HGF-Programm | 46.23.03 (POF IV, LK 01) Engineering Security for Mobility Systems |
| Erschienen in | Software Architecture : 15th European Conference, ECSA 2021 Tracks and Workshops; Växjö, Sweden, September 13–17, 2021 : Revised Selected Papers. Ed.: P. Scandurra |
| Veranstaltung | 15th European Conference on Software Architecture (ECSA 2021), Online, 13.09.2021 – 17.09.2021 |
| Verlag | Springer Nature Switzerland |
| Seiten | 309–332 |
| Serie | Lecture Notes in Computer Science ; 13365 |
| Bemerkung zur Veröffentlichung | Gesamtwerk DOI: 10.1007/978-3-031-15116-3 |
| Vorab online veröffentlicht am | 19.08.2022 |
| Nachgewiesen in | Scopus Dimensions |