Mda and security
Download
1 / 21

MDA and Security - PowerPoint PPT Presentation


  • 82 Views
  • Uploaded on

MDA and Security. October 12, 2006 FAU Secure Systems Group Patrick Morrison. Agenda. Motivation for “MDA and Security” Secure Systems Methodology, with patterns A quick tour of MDA, in English this time Example Application MDA in the development lifecycle Evaluation Criteria

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' MDA and Security' - adele-prince


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Mda and security

MDA and Security

October 12, 2006

FAU Secure Systems Group

Patrick Morrison


Agenda
Agenda

  • Motivation for “MDA and Security”

  • Secure Systems Methodology, with patterns

  • A quick tour of MDA, in English this time

  • Example Application

  • MDA in the development lifecycle

  • Evaluation Criteria

  • Contributions

  • Next Steps


The problem of security
The problem of Security

  • “A good percentage of the software deployed in industrial/commercial applications is of poor quality, it is unnecessarily complex, and contains numerous flaws that can be exploited by attackers.”

  • “We believe that the solution lies in developing secure software from the beginning, applying security principles along the whole life cycle…We see the use of patterns as a fundamental way, even for developers with little experience, to implicitly apply security principles.”

  • [MDSSP, EBF, et. al.]




Design and other patterns
Design (and other) patterns

  • “A design pattern names, abstracts and identifies the key aspects of a common design structure that makes it useful for creating a reusable object-oriented design” [GOF, pg 3]


The promise of mda
The promise of MDA

  • by using “precise but abstract and graphical representations of algorithms, MDA allows the construction of computing systems from models that can be understood much more quickly and deeply than can programming language “code” [MDAD, pg. xiv].


The question s
The Question(s)

  • Can MDA be applied to the design and construction of secure systems?

  • To what degree is it now possible to work in terms of high-level models rather than code?

  • Does MDA allow for the creation and reuse of generic models?

  • Does MDA reduce the amount of low-level work that needs to be done?


Combining patterns security and mda soupcan
Combining Patterns, Security and MDA: SOUPCAN

  • Secure grOUP Chat Application for Networks

  • Provide invitation-only chat rooms with secure communications, allowing participants to form “cliques” in order to gossip, plan wars, etc…

  • Example of using the secure systems methodology with MDA


Soupcan
SOUPCAN

  • Requirements chosen to facilitate use of existing security patterns, e.g. Reference Monitor, Authenticator, Authorizer, Credentials, Secure Broker

  • (Hopefully) Small enough to be implementable

  • (Hopefully) Large enough to illustrate issues in application of MDA, Secure Systems with Patterns Methodology.


Lifecycle step analysis
Lifecycle Step: Analysis

  • Process: Evaluate requirements, identify use cases, high-level structure, apply patterns where appropriate

  • Results: Application model containing UML Use Case and Class diagrams


Soupcan use cases
SOUPCAN Use Cases

  • UML Built with MagicDraw

  • Stored as XMI data

  • Excerpt:

    <UML:Actorxmi.id="249272_1" name="Host" />

    <UML:Actorxmi.id="940417_17" name="Participant" />

    <UML:Actorxmi.id="448524_33" name="Administrator" />

    <UML:UseCasexmi.id="949209_49" name="Administration" />

    <UML:UseCasexmi.id=“838290_60" name="Invitation" />

    <UML:UseCasexmi.id="896208_71" name="Registration" />

    <UML:UseCasexmi.id="428793_82" name="Chat" />

    <UML:Association xmi.id="975434_95">

    <UML:Association.connection>

    <UML:AssociationEndxmi.id="250191_93" isNavigable="true" participant="249272_1" />

    <UML:AssociationEndxmi.id="742224_94" isNavigable="true" participant="838290_60" />

    </UML:Association.connection>

    </UML:Association>


Lifecycle step design
Lifecycle Step: Design

  • Process: Develop class and sequence diagrams which implement the Use Cases, apply patterns where appropriate

  • Results: Application and Security models containing UML Class and sequence diagrams



SOUPCAN Class Diagram

It’s (Secure) Broker!



Lifecycle step implementation
Lifecycle Step: Implementation

  • Process: Select a platform and platform model, make connections between the design and the platform, via the platform model

  • Selected: MagicDraw, androMDA, C#, ASP.NET, Visual Studio, nHibernate, …

  • Results: Code generated from the models


Implementation details
Implementation Details…

Mapping…

:32,997 - discovering namespaces -

:34,440 found namespace --> 'aspdotnet'

:34,440 + registering component 'cartridge'

:34,870 + registering component 'metafacades'

:35,331 + registering component 'profile'

:40,628 found namespace --> 'uml-1.4'

:40,628 + registering component 'metafacades'

:41,960 + registering component 'profile'

:42,000 found namespace --> 'validation'

:42,010 + registering component 'translation-library'

:53,948 - core initialization complete: 22.373[s] -

:54,568 loading model --> 'file:C://TimeTracker.Model.xmi'

:58,905 referenced model --> 'jar:file:/uml14/profile/profile-.xml'

:59,045 referenced model --> 'profile-datatype.xml'

:59,285 referenced model --> 'profile-service.xml'

:59,445 referenced model --> 'profile-process.xml'

:59,576 referenced model --> 'profile-presentation.xml'

:59,746 referenced model --> 'profile-meta.xml'

:59,866 referenced model --> 'profile-xml.xml'

:59,986 referenced model --> 'andromda-profile-persistence.xml'

:01,118 - loading complete: 7.13[s] -

:01,118 - validating model -

:06,175 - validation complete: 5.057[s] -

:07,076 INFO [AndroMDA:cs] Output: 'file:/C:../TimeTracker/VO/UserVO.cs'

// Name: UserVO.cs

// Attention: Generated code! Do not modify by hand! (I did anyway)

// Generated by: ValueObject.vsl in andromda-cs-cartridge.

using System;

namespace Northwind.TimeTracker.VO

{

[Serializable]

public class UserVO

{

#region Attributes and Associations

private long _id;

private String _userName;

private String[] _roles;

#endregion

#region Constructors

public UserVO(long id, String userName,

String[] roles)

{

this._id = id;

this._userName = userName;

this._roles = roles;

}


Evaluation
Evaluation

  • Does the generated code implement the design? Can users of the system chat?

  • How secure is the system? Is it correlated to the design models?

  • How independent are the Application, Security and Platform models? Can, for example, the Security model be reused with a different application model? With a different platform model?

  • Does MDA keep its promise? How much programming language coding needs to be done?


Contributions
Contributions

  • A UML Model for security, based on patterns

  • A worked example of the Secure Systems Methodology, through Analysis, Design and Implementation.

  • A worked example of MDA development

  • Description of a tool chain for building MDA applications (MagicDraw, androMDA, Visual Studio 2005, etc)

  • An example application, with requirements and design.


Next steps
Next Steps…

  • Complete design of SOUPCAN

  • Split design into separate Application and security models, link them

  • Document experiences, issues with using the current tools


ad