AuthorsP. H. Nguyen
TitleModel-Driven Security With Modularity and Reusability For Engineering Secure Software Systems
AfilliationSoftware Engineering, Software Engineering
Publication TypePhD Thesis
Year of Publication2015
Number of Pages213
Date Published09/2015
PublisherUniversity of Luxembourg
Place PublishedLuxembourg
Thesis TypephdPhD
KeywordsAspect-Oriented Modelling, DSL, MDE, MDS, Model Composition, model transformations, Model-Driven Security, Pattern Refinement, RAM, Security By Design, Security Design Patterns, Security Testing, Systematic Review

Context: The more human beings depend on software systems, the more important role that software security engineering must play to build secure software systems. Model-Driven Security (MDS) emerged more than a decade ago as a specialised Model-Driven Engineering (MDE) research area for engineering secure software systems. MDS is promising but not mature yet. Our recent systematic literature review (SLR) has revealed several current limitations and open issues in the state of the art of MDS research. 
Objectives: This PhD work aims at addressing three of the main open issues in the current state of the art of MDS research that are pointed out by the SLR. First, our SLR shows that multiple security concerns need to be handled together more systematically. Second, true Aspect-Oriented Modelling techniques for better ensuring the separation- of-concern in MDS approaches could have been leveraged more extensively. Third, complete tool chains based on integrated MDE techniques covering all the main stages of the development cycle are emerging, but still very rare. 
Methods: On one hand, we develop a full MDS framework with modularity based on domain-specific modelling, model transformations, and model-based security testing. This MDS framework can help us to deal with complex delegation mechanisms in access control administration, from modelling till testing. On the other hand, we propose a highly modular, reusable MDS solution based on a System of Security design Patterns (SoSPa) and reusable aspect models to tackle multiple security concerns systematically. 
Results: First, an extensive SLR has been conducted for revealing and analysing the current state of the art of MDS research. Second, a full MDS framework focusing on modularity has been proposed that integrates domain-specific modelling, model transformations, and model-based security testing to support all the main stages of an MDS development cycle. Third, we have developed a highly reusable, modular MDS approach based on a System of Security design Patterns for handling multiple security concerns together systematically. Finally, we have showed how our MDS approaches can be integrated in a full MDS framework, called MDS-MoRe, which could be the basis of a complete tool chain for MDS development of secure systems. 
Conclusion: In this thesis, integrated MDS methodologies with modularity and reusability have been proposed for engineering secure software systems. This work has tackled three main current open issues in MDS research revealed from an extensive SLR.


Contact person