SlideShare a Scribd company logo

TESEM: A Tool for Verifying Security Design Pattern Applications

Hironori Washizaki
Hironori Washizaki

Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process is often insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure design and implementation, we propose extended security patterns, which include requirement- and design-level patterns as well as a new model testing and model-based code testing process. Our approach is implemented in a tool called TESEM, Test Driven Secure Modeling Tool, which supports pattern applications by creating a script to execute model testing automatically (ARES'13, IJSSE'14, ICST'15). Moreover we recently extended the tool to support testing of security design patterns implementation by preparing testcase templates (ARES'14). By using the tool, developers can specify threats and vulnerabilities in the target design and implementation according to security design patterns, verify whether the security patterns are properly applied, and assesses whether these vulnerabilities are resolved.

Software
1 of 36
Download to read offline
A Tool for Verifying Security Design Pattern Applications Hironori Washizaki Waseda University, Tokyo, Japan Collaborators: Takanori Kobashi, Masatoshi Yoshizawa, Yoshiaki Fukazawa (Waseda University) Takao Okubo (Institute of Information Security) Haruhiko Kaiya (Kanagawa University) Nobukazu Yoshioka (National Institute of informatics) InSTA 2016, Chicago, Apr 10, 2016
• Prof., Head, Global Software Engineering Laboratory, Waseda University • Visiting Assoc. Prof., National Institute of Informatics • Chair, IEEE CS Japan Chapter • Chair, SEMAT Japan Chapter • Convenor, ISO/IEC/JTC1/SC7/WG20 • Co-Chair, IEEE ICST’17 Toyo 2 “Hiro”nori Washizaki
Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 4
Appropriate design Inappropriate design What’s the problem? 5 Role-based access control (RBAC) pattern
TESEM: Test Driven Secure Modeling Tool • Security design/implementation guided by testing pattern applications [ARES’13][ARES’14][IJSSE’14][ICST’15] 6 Security pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Constraint, script Test case Testing [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 7
Security for every phase • Security concerns must be addressed at every phase 8 Requirement Design Implementation Test Security concerns Security requirements Security design Threat modeling Secure coding and review Security testingSecurity design review
Patterns are promising at any phase 9 Requirement Design Implementation Test Security concerns SecurityTesting Security Requirement Patterns Security Design Patterns Patterns • Recurrent problems and solutions under specific contexts • For requirements definition, design, implementation and testing!
• Name: Role-based access control (RBAC) • Problem: How do we assign rights to people based on their functions or tasks? • Solution: Assign users to roles and give rights to these roles so they can perform their tasks. • Related patterns: Authorization, ... User id name ProtectionObject id name * *Authorization_rule Right access_type predicate copy_flag checkRights Role id name **MemberOf Example of security pattern
11 T. Heyman, “An Analysis of the Security Patterns Landscape,” 2007 Number of well described security patterns is increasing Security patterns landscape [Heyman’07]
Pattern-oriented test architecture • Security by proven patterns – Security requirements, secure design and implementation • Patterns as abstract test cases – Possible to prepare abstract “constraints” and “templates” for testing model and code – Necessary to concretize patterns against concrete requirement/design/code 12 Security patterns Problem Solution Context Abstract constraints, templates Concrete constraints, test cases
Security pattern researches [PLoP’15] 13 [PLoP’15] Systematic Mapping of Security Patterns Research, Conf. Pattern Languages of Programs Conference Application 46% Case studies 13%Modeling 7% Detection 7% Validation 7% Selection 7% Others 13%
Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 14
TESEM: Test Driven Secure Modeling Tool [ARES’13][IJSSE’14][ICST’15] 15 Security Design Pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Test Script Test case Testing [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
Application of Security Design Patterns (SDP) Role Based Access Control ・Context ・Problem ・Solution ・Structure Apply Model not considering security Model that realizes access control based on Role 16
Apply SDPUML UML Incorrect pattern application Vulnerabilities are not resolved Conventional problematic process Identify assets, threats, and countermeasures Select SDP 17
Security patterns with OCL constraints 18 Access control ・Context ・Problem ・Solution ・Structure Security Requirement Patterns Security Design Patterns ・Asset ・Threat ・Countermeasure: Security property OCL trace Role-based access control ・Context ・Problem ・Solution ・Consequence: Security property OCL
• Nine types of security properties • E.g. “Access Control” Security property at requirements level 19
1 2 Conditions access permission is given to <Role> which an <UserData> belongs Yes No Actions considers that actor has access permission × consider that actor does not have access permission × execute subject function × not execute subject function × context subject_controller inv access_control: if self.RBAC.Right->exists(p | p.right = true and p.role_id = p.Role.id and p.role_id = p.Role.User_Data.role_id ) then self.Subject_UI.User.Right = true else self.Subject_UI.User.Right = false Security property at design level 20 •E.g. “Role-based access control (RBAC)”
Test Script Our tool “TESEM” • Class structure modeling • Behavior modeling • Application of security design patterns • Generation of test cases 1 2 Conditions access permission is given in <Role> to which an <UserData> belongs Yes No Actions considers that an actor have access permission × consider that an actor does not have access permission × execute subject function × not execute subject function × Test cases for “RBAC” Create instances and check OCL constrains on USE [*] [*] F. Büttnera, et al., “USE: a UML-based specification environment for validating UML and OCL,” SCP, vol.69. 2007.
Identify assets, threats, and countermeasures Apply SDP and bind pattern elements Execute test to verify how model satisfies security requirements Execute test to verify how model satisfies security design requirements Security requirements (OCL) Security design requirements (OCL) UML UML Select SDP Design process using extended patterns 22
Case study: Setting ・Threat: Privilege Escalation ・Countermeasure: Access Control ・Target: Delete function of StudentController → Any user can delete student’s data ・Selected Pattern: Role-based access control →Realize access control based on role’s right 23
• Security Properties are in the Test cases Add test cases Confirm tests fail Fix model Confirm tests pass Test-driven secure design 24 Find vulnerability Eval. of mitigation
1 2 Conditions “Actor” has access right Yes No Actions execute “delete” function × cannot execute “delete” function × context StudentController inv SecurityRequirement : if self.DeleteUI.Actor.right = true and self.delete = true else self.delete = false endif Security requirements as OCL expression Verify whether model satisfies security requirement Security requirement as decision table Case study: Initial test for security requirement 25
Actor can execute “delete” function without access right ! Model may contain vulnerability causing Privilege Escalation. Case Study: Test failed 26
Verify whether model with RBAC satisfies security design requirements Case Study: Test for security design Verify whether model satisfies security design requirement 27
Model does not satisfy security design requirements. TESEM detected incorrect applications of design patterns Case Study: Test failed, again 28
Case Study: Model fixing 29 Fix design model until the tests successfully pass. Correct designIncorrect design Refactoring
Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 30
TESEM: Test Driven Secure Modeling Tool [ARES’14] 31 Security pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Test Script Testcase Testing [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security
32 Security design pattern Problem Solution Context Instrumentation template in Aspect J Testcase template in Java SUT Concrete aspect in AspectJ Concrete testcase in Java Specify parameters Instrumentation Testing Preparation Template for creating testcases
Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 33
Controlled experiments • Target: EMSec [*], 24 use cases, 31 classes • Ex 1: Pattern application to design – 8 of 10 students applied patterns incorrectly without TESEM. – All students confirmed incorrect applications by TESEM. – Few students successfully fixed design. • Ex 2: Fixing code with incorrect pattern application – All 4 students found more defects in shorter time per defect by using TESEM. – All 4 students successfully fixed most of defects by using TESEM, but required little longer time. 34 [*] EMSsec http://lab.iisec.ac.jp/~okubo_lab/Members/okubo/wiki/index.php?EMSSec TESEM is useful for identifying incorrect applications. Further fixing support is expected.
A tool called TESEM that supports pattern registration, application and verification Pattern-oriented test architecture and extended security patterns using OCL-based constraints and templates, which include requirement- and design-level patterns A new model/code-testing process based on TDD to verify appropriate pattern applications and the existence of vulnerabilities using these extended patterns Conclusion 35 [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
Discussion • Pattern-oriented test architecture – Efforts for preparing constraints/templates paid off? – Correctness of patterns and concretization process? – Need more appropriate or different architecture? • Security pattern ecosystem – Zero-day attack? – Common Vulnerabilities and Exposures (CVE) -> patterns -> concrete tests -> … • Fixing / refactoring support – Automated fixing/refactoring ? 36
37 Mar 13-18 (due Sep 2016) aster.or.jp/conference/icst2017/ 10th IEEE International Conference on Software Testing, Verification and Validation

Recommended

Security patterns and model driven architecture
Security patterns and model driven architectureSecurity patterns and model driven architecture
Security patterns and model driven architecturebdemchak
 
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...CHOOSE
 
Se project-methodology-for-security-project-web
Se project-methodology-for-security-project-webSe project-methodology-for-security-project-web
Se project-methodology-for-security-project-webSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...FAST-Lab. Factory Automation Systems and Technologies Laboratory, Tampere University of Technology
 
Conducting Security Metrics for Object-Oriented Class Design
Conducting Security Metrics for Object-Oriented Class DesignConducting Security Metrics for Object-Oriented Class Design
Conducting Security Metrics for Object-Oriented Class DesignIJCSIS Research Publications
 
Software security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternsSoftware security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternseSAT Journals
 
Software security risk mitigation using object
Software security risk mitigation using objectSoftware security risk mitigation using object
Software security risk mitigation using objecteSAT Publishing House
 
Model based vulnerability testing report
Model based vulnerability testing reportModel based vulnerability testing report
Model based vulnerability testing reportKupili Archana
 

Recommended

Security patterns and model driven architecture
Security patterns and model driven architectureSecurity patterns and model driven architecture
Security patterns and model driven architecturebdemchak
 
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...
Choose'10: Uwe Zdun - Compliance in service-oriented architectures: A model-d...CHOOSE
 
Se project-methodology-for-security-project-web
Se project-methodology-for-security-project-webSe project-methodology-for-security-project-web
Se project-methodology-for-security-project-webSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...Principles and risk assessment of managing distributed ontologies hosted by e...
Principles and risk assessment of managing distributed ontologies hosted by e...FAST-Lab. Factory Automation Systems and Technologies Laboratory, Tampere University of Technology
 
Conducting Security Metrics for Object-Oriented Class Design
Conducting Security Metrics for Object-Oriented Class DesignConducting Security Metrics for Object-Oriented Class Design
Conducting Security Metrics for Object-Oriented Class DesignIJCSIS Research Publications
 
Software security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternsSoftware security risk mitigation using object oriented design patterns
Software security risk mitigation using object oriented design patternseSAT Journals
 
Software security risk mitigation using object
Software security risk mitigation using objectSoftware security risk mitigation using object
Software security risk mitigation using objecteSAT Publishing House
 
Model based vulnerability testing report
Model based vulnerability testing reportModel based vulnerability testing report
Model based vulnerability testing reportKupili Archana
 
Software Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification ModelSoftware Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification ModelCSCJournals
 
Developing secure software using Aspect oriented programming
Developing secure software using Aspect oriented programmingDeveloping secure software using Aspect oriented programming
Developing secure software using Aspect oriented programmingIOSR Journals
 
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...Tom Nipravsky
 
security evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attacksecurity evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attackswathi78
 
EdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific researchEdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific researchMark Khoury
 
Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principlesShaishav Dahal
 
소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)영기 김
 
MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2Abi Reddy
 
A Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric SystemsA Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric SystemsIJERA Editor
 
Object Oriented Analysis
Object Oriented AnalysisObject Oriented Analysis
Object Oriented AnalysisPramod Parajuli
 
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGESSTATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGESIJCSES Journal
 
Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing SecPod Technologies
 
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...IJNSA Journal
 
2015 03-04 presentation1
2015 03-04 presentation12015 03-04 presentation1
2015 03-04 presentation1ifi8106tlu
 
Standardizing Source Code Security Audits
Standardizing Source Code Security AuditsStandardizing Source Code Security Audits
Standardizing Source Code Security Auditsijseajournal
 
INTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTSINTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTSIJNSA Journal
 
SoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure SystemsSoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure SystemsPhu H. Nguyen
 
20160831_app_storesecurity_Seminar
20160831_app_storesecurity_Seminar20160831_app_storesecurity_Seminar
20160831_app_storesecurity_SeminarJisoo Park
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutionsguest609a5ed
 
Successive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular ApproachSuccessive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular Approachajeetmnnit
 
Information20121017
Information20121017Information20121017
Information20121017b-slash
 
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~Hironori Washizaki
 

More Related Content

What's hot

Software Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification ModelSoftware Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification ModelCSCJournals
 
Developing secure software using Aspect oriented programming
Developing secure software using Aspect oriented programmingDeveloping secure software using Aspect oriented programming
Developing secure software using Aspect oriented programmingIOSR Journals
 
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...Tom Nipravsky
 
security evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attacksecurity evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attackswathi78
 
EdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific researchEdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific researchMark Khoury
 
Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principlesShaishav Dahal
 
소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)영기 김
 
MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2Abi Reddy
 
A Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric SystemsA Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric SystemsIJERA Editor
 
Object Oriented Analysis
Object Oriented AnalysisObject Oriented Analysis
Object Oriented AnalysisPramod Parajuli
 
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGESSTATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGESIJCSES Journal
 
Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing SecPod Technologies
 
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...IJNSA Journal
 
2015 03-04 presentation1
2015 03-04 presentation12015 03-04 presentation1
2015 03-04 presentation1ifi8106tlu
 
Standardizing Source Code Security Audits
Standardizing Source Code Security AuditsStandardizing Source Code Security Audits
Standardizing Source Code Security Auditsijseajournal
 
INTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTSINTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTSIJNSA Journal
 
SoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure SystemsSoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure SystemsPhu H. Nguyen
 
20160831_app_storesecurity_Seminar
20160831_app_storesecurity_Seminar20160831_app_storesecurity_Seminar
20160831_app_storesecurity_SeminarJisoo Park
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutionsguest609a5ed
 

What's hot (19)

Software Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification ModelSoftware Design Level Vulnerability Classification Model
Software Design Level Vulnerability Classification Model
 
Developing secure software using Aspect oriented programming
Developing secure software using Aspect oriented programmingDeveloping secure software using Aspect oriented programming
Developing secure software using Aspect oriented programming
 
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
us-16-Nipravsky-Certificate-Bypass-Hiding-And-Executing-Malware-From-A-Digita...
 
security evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attacksecurity evaluation of pattern classifiers under attack
security evaluation of pattern classifiers under attack
 
EdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific researchEdgarDB - the simple, powerful database for scientific research
EdgarDB - the simple, powerful database for scientific research
 
Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principles
 
소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)소프트웨어 아키텍처 평가(Atam)
소프트웨어 아키텍처 평가(Atam)
 
MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2
 
A Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric SystemsA Survey of Security of Multimodal Biometric Systems
A Survey of Security of Multimodal Biometric Systems
 
Object Oriented Analysis
Object Oriented AnalysisObject Oriented Analysis
Object Oriented Analysis
 
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGESSTATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
STATE OF THE ART SURVEY ON DSPL SECURITY CHALLENGES
 
Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing Our talk in Black Hat Asia 2015 Briefing
Our talk in Black Hat Asia 2015 Briefing
 
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
SOURCE CODE ANALYSIS TO REMOVE SECURITY VULNERABILITIES IN JAVA SOCKET PROGR...
 
2015 03-04 presentation1
2015 03-04 presentation12015 03-04 presentation1
2015 03-04 presentation1
 
Standardizing Source Code Security Audits
Standardizing Source Code Security AuditsStandardizing Source Code Security Audits
Standardizing Source Code Security Audits
 
INTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTSINTERNAL SECURITY ON AN IDS BASED ON AGENTS
INTERNAL SECURITY ON AN IDS BASED ON AGENTS
 
SoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure SystemsSoSPa: A System of Security Patterns for engineering Secure Systems
SoSPa: A System of Security Patterns for engineering Secure Systems
 
20160831_app_storesecurity_Seminar
20160831_app_storesecurity_Seminar20160831_app_storesecurity_Seminar
20160831_app_storesecurity_Seminar
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutions
 

Viewers also liked

Successive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular ApproachSuccessive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular Approachajeetmnnit
 
Information20121017
Information20121017Information20121017
Information20121017b-slash
 
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~Hironori Washizaki
 
Software Reliability
Software ReliabilitySoftware Reliability
Software Reliabilityranapoonam1
 
Reliability growth models for quality management
Reliability growth models for quality managementReliability growth models for quality management
Reliability growth models for quality managementRoy Antony Arnold G
 
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...Agile Testing Alliance
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...Agile Testing Alliance
 
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...Agile Testing Alliance
 
Testing Frameworks And Methodologies
Testing Frameworks And MethodologiesTesting Frameworks And Methodologies
Testing Frameworks And MethodologiesSteven Cahill
 
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...ATAGTR2017 Unified APM: The new age performance monitoring for production sys...
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...Agile Testing Alliance
 
Chapter 7 software reliability
Chapter 7 software reliabilityChapter 7 software reliability
Chapter 7 software reliabilitydespicable me
 
Introduction to Test Automation - Technology and Tools
Introduction to Test Automation - Technology and ToolsIntroduction to Test Automation - Technology and Tools
Introduction to Test Automation - Technology and ToolsKMS Technology
 
ATAGTR2017 Protractor Cucumber BDD Approach
ATAGTR2017 Protractor Cucumber BDD ApproachATAGTR2017 Protractor Cucumber BDD Approach
ATAGTR2017 Protractor Cucumber BDD ApproachAgile Testing Alliance
 
Introduction to Test Automation
Introduction to Test AutomationIntroduction to Test Automation
Introduction to Test AutomationPekka Klärck
 
Software reliability
Software reliabilitySoftware reliability
Software reliabilityAnand Kumar
 

Viewers also liked (19)

Successive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular ApproachSuccessive Software Reliability Growth Model: A Modular Approach
Successive Software Reliability Growth Model: A Modular Approach
 
Information20121017
Information20121017Information20121017
Information20121017
 
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
ラーニング・バイ・コンテスト (Learning by Contest) ~ プログラミング学習のシフト ~
 
Software Reliability
Software ReliabilitySoftware Reliability
Software Reliability
 
Reliability growth models for quality management
Reliability growth models for quality managementReliability growth models for quality management
Reliability growth models for quality management
 
Reliability growth models
Reliability growth modelsReliability growth models
Reliability growth models
 
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...
ATAGTR2017 Differentiation using Testing Tools and Automation in the BFS COTS...
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
 
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...
ATAGTR2017 Keeping pace with Product Evolution: UI Automation Framework Guide...
 
Testing Frameworks And Methodologies
Testing Frameworks And MethodologiesTesting Frameworks And Methodologies
Testing Frameworks And Methodologies
 
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...ATAGTR2017 Unified APM: The new age performance monitoring for production sys...
ATAGTR2017 Unified APM: The new age performance monitoring for production sys...
 
ATAGTR2017 Blockchain Based Testing
ATAGTR2017 Blockchain Based TestingATAGTR2017 Blockchain Based Testing
ATAGTR2017 Blockchain Based Testing
 
ATAGTR2017 Testing in DevOps Culture
ATAGTR2017 Testing in DevOps CultureATAGTR2017 Testing in DevOps Culture
ATAGTR2017 Testing in DevOps Culture
 
Chapter 7 software reliability
Chapter 7 software reliabilityChapter 7 software reliability
Chapter 7 software reliability
 
Software Reliability
Software ReliabilitySoftware Reliability
Software Reliability
 
Introduction to Test Automation - Technology and Tools
Introduction to Test Automation - Technology and ToolsIntroduction to Test Automation - Technology and Tools
Introduction to Test Automation - Technology and Tools
 
ATAGTR2017 Protractor Cucumber BDD Approach
ATAGTR2017 Protractor Cucumber BDD ApproachATAGTR2017 Protractor Cucumber BDD Approach
ATAGTR2017 Protractor Cucumber BDD Approach
 
Introduction to Test Automation
Introduction to Test AutomationIntroduction to Test Automation
Introduction to Test Automation
 
Software reliability
Software reliabilitySoftware reliability
Software reliability
 

Similar to TESEM: A Tool for Verifying Security Design Pattern Applications

Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationHironori Washizaki
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1Eelco Visser
 
An integrated security testing framework and tool
An integrated security testing framework and toolAn integrated security testing framework and tool
An integrated security testing framework and toolMoutasm Tamimi
 
Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...John M. Willis
 
Enumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCEnumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCJohn M. Willis
 
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...Phú Phùng
 
Null application security in an agile world
Null application security in an agile worldNull application security in an agile world
Null application security in an agile worldStefan Streichsbier
 
Unit testing basics with NUnit and Visual Studio
Unit testing basics with NUnit and Visual StudioUnit testing basics with NUnit and Visual Studio
Unit testing basics with NUnit and Visual StudioAmit Choudhary
 
Automating Strategically or Tactically when Testing
Automating Strategically or Tactically when TestingAutomating Strategically or Tactically when Testing
Automating Strategically or Tactically when TestingAlan Richardson
 
Beyond security testing
Beyond security testingBeyond security testing
Beyond security testingCu Nguyen
 
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORK
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORKSECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORK
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORKRamez Al-Fayez
 
Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspectiveDr. Anish Cheriyan (PhD)
 
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Amazon Web Services
 
4.Security Assessment And Testing
4.Security Assessment And Testing4.Security Assessment And Testing
4.Security Assessment And Testingphanleson
 
Strategy-driven Test Generation with Open Source Frameworks
Strategy-driven Test Generation with Open Source FrameworksStrategy-driven Test Generation with Open Source Frameworks
Strategy-driven Test Generation with Open Source FrameworksDimitry Polivaev
 
Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Stefan Streichsbier
 
Transferring Software Testing Tools to Practice
Transferring Software Testing Tools to PracticeTransferring Software Testing Tools to Practice
Transferring Software Testing Tools to PracticeTao Xie
 
Scalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingScalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingLionel Briand
 

Similar to TESEM: A Tool for Verifying Security Design Pattern Applications (20)

Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and Verification
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1
 
An integrated security testing framework and tool
An integrated security testing framework and toolAn integrated security testing framework and tool
An integrated security testing framework and tool
 
Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...
 
Enumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCEnumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLC
 
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
 
Null application security in an agile world
Null application security in an agile worldNull application security in an agile world
Null application security in an agile world
 
Unit testing basics with NUnit and Visual Studio
Unit testing basics with NUnit and Visual StudioUnit testing basics with NUnit and Visual Studio
Unit testing basics with NUnit and Visual Studio
 
Design For Testability
Design For TestabilityDesign For Testability
Design For Testability
 
Automating Strategically or Tactically when Testing
Automating Strategically or Tactically when TestingAutomating Strategically or Tactically when Testing
Automating Strategically or Tactically when Testing
 
Beyond security testing
Beyond security testingBeyond security testing
Beyond security testing
 
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORK
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORKSECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORK
SECURITY REQUIREMENTS ENGINEERING: APPLYING SQUARE FRAMEWORK
 
Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective
 
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
 
4.Security Assessment And Testing
4.Security Assessment And Testing4.Security Assessment And Testing
4.Security Assessment And Testing
 
Strategy-driven Test Generation with Open Source Frameworks
Strategy-driven Test Generation with Open Source FrameworksStrategy-driven Test Generation with Open Source Frameworks
Strategy-driven Test Generation with Open Source Frameworks
 
Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016
 
Transferring Software Testing Tools to Practice
Transferring Software Testing Tools to PracticeTransferring Software Testing Tools to Practice
Transferring Software Testing Tools to Practice
 
Scalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingScalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and Testing
 
shaabani-Final-NC
shaabani-Final-NCshaabani-Final-NC
shaabani-Final-NC
 

More from Hironori Washizaki

Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
IEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateIEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateHironori Washizaki
 
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会Hironori Washizaki
 
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideIEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideHironori Washizaki
 
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用Hironori Washizaki
 
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225Hironori Washizaki
 
Joseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureJoseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureHironori Washizaki
 
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデートHironori Washizaki
 
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...Hironori Washizaki
 
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向Hironori Washizaki
 
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~Hironori Washizaki
 
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集Hironori Washizaki
 
スマートエスイーコンソーシアムの概要と2021年度成果紹介
スマートエスイーコンソーシアムの概要と2021年度成果紹介スマートエスイーコンソーシアムの概要と2021年度成果紹介
スマートエスイーコンソーシアムの概要と2021年度成果紹介Hironori Washizaki
 
DXの推進において企業内に求められる人材やデジタル人材の育て方
DXの推進において企業内に求められる人材やデジタル人材の育て方DXの推進において企業内に求められる人材やデジタル人材の育て方
DXの推進において企業内に求められる人材やデジタル人材の育て方Hironori Washizaki
 
対応性のある運用のパターン
対応性のある運用のパターン対応性のある運用のパターン
対応性のある運用のパターンHironori Washizaki
 
モデル訓練のパターン
モデル訓練のパターンモデル訓練のパターン
モデル訓練のパターンHironori Washizaki
 
パターンのつながりとAI活用成熟度
パターンのつながりとAI活用成熟度パターンのつながりとAI活用成熟度
パターンのつながりとAI活用成熟度Hironori Washizaki
 
データ表現のパターン
データ表現のパターンデータ表現のパターン
データ表現のパターンHironori Washizaki
 
機械学習デザインパターンの必要性と機械学習ライフサイクル
機械学習デザインパターンの必要性と機械学習ライフサイクル機械学習デザインパターンの必要性と機械学習ライフサイクル
機械学習デザインパターンの必要性と機械学習ライフサイクルHironori Washizaki
 
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)Hironori Washizaki
 

More from Hironori Washizaki (20)

Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
IEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions UpdateIEEE Computer Society 2024 Technology Predictions Update
IEEE Computer Society 2024 Technology Predictions Update
 
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会
鷲崎弘宜, "国際規格ISO/IEC 24773とその意義", 情報処理学会 第86回全国大会
 
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK GuideIEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
IEEE Computer Society’s Strategic Activities and Products including SWEBOK Guide
 
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用
TISO/IEC JTC1におけるソフトウェア工学知識体系、技術者認証および品質の標準化と研究・教育他への活用
 
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225
アジャイル品質のパターンとメトリクス Agile Quality Patterns and Metrics (QA2AQ) 20240225
 
Joseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureJoseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about Architecture
 
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート
世界標準のソフトウェア工学知識体系SWEBOK Guide最新第4版を通じた開発アップデート
 
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
 
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向
デジタルトランスフォーメーション(DX)におけるソフトウェアの側面とダイバーシティ・インクルーシブに関する研究実践動向
 
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~
SQuBOKガイドV3概説 ~IoT・AI・DX時代のソフトウェア品質とシステム監査~
 
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集
人生100年・60年カリキュラム時代のDX人材育成: スマートエスイー 2021年度成果および2022年度募集
 
スマートエスイーコンソーシアムの概要と2021年度成果紹介
スマートエスイーコンソーシアムの概要と2021年度成果紹介スマートエスイーコンソーシアムの概要と2021年度成果紹介
スマートエスイーコンソーシアムの概要と2021年度成果紹介
 
DXの推進において企業内に求められる人材やデジタル人材の育て方
DXの推進において企業内に求められる人材やデジタル人材の育て方DXの推進において企業内に求められる人材やデジタル人材の育て方
DXの推進において企業内に求められる人材やデジタル人材の育て方
 
対応性のある運用のパターン
対応性のある運用のパターン対応性のある運用のパターン
対応性のある運用のパターン
 
モデル訓練のパターン
モデル訓練のパターンモデル訓練のパターン
モデル訓練のパターン
 
パターンのつながりとAI活用成熟度
パターンのつながりとAI活用成熟度パターンのつながりとAI活用成熟度
パターンのつながりとAI活用成熟度
 
データ表現のパターン
データ表現のパターンデータ表現のパターン
データ表現のパターン
 
機械学習デザインパターンの必要性と機械学習ライフサイクル
機械学習デザインパターンの必要性と機械学習ライフサイクル機械学習デザインパターンの必要性と機械学習ライフサイクル
機械学習デザインパターンの必要性と機械学習ライフサイクル
 
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)
青山幹雄先生を偲んで(開拓、理論、実践、コミュニティ&国際)
 

Recently uploaded

Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...Akihiro Suda
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxRTS corp
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 

Recently uploaded (20)

2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 

TESEM: A Tool for Verifying Security Design Pattern Applications

  • 1. A Tool for Verifying Security Design Pattern Applications Hironori Washizaki Waseda University, Tokyo, Japan Collaborators: Takanori Kobashi, Masatoshi Yoshizawa, Yoshiaki Fukazawa (Waseda University) Takao Okubo (Institute of Information Security) Haruhiko Kaiya (Kanagawa University) Nobukazu Yoshioka (National Institute of informatics) InSTA 2016, Chicago, Apr 10, 2016
  • 2. • Prof., Head, Global Software Engineering Laboratory, Waseda University • Visiting Assoc. Prof., National Institute of Informatics • Chair, IEEE CS Japan Chapter • Chair, SEMAT Japan Chapter • Convenor, ISO/IEC/JTC1/SC7/WG20 • Co-Chair, IEEE ICST’17 Toyo 2 “Hiro”nori Washizaki
  • 3. Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 4
  • 5. TESEM: Test Driven Secure Modeling Tool • Security design/implementation guided by testing pattern applications [ARES’13][ARES’14][IJSSE’14][ICST’15] 6 Security pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Constraint, script Test case Testing [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
  • 6. Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 7
  • 7. Security for every phase • Security concerns must be addressed at every phase 8 Requirement Design Implementation Test Security concerns Security requirements Security design Threat modeling Secure coding and review Security testingSecurity design review
  • 8. Patterns are promising at any phase 9 Requirement Design Implementation Test Security concerns SecurityTesting Security Requirement Patterns Security Design Patterns Patterns • Recurrent problems and solutions under specific contexts • For requirements definition, design, implementation and testing!
  • 9. • Name: Role-based access control (RBAC) • Problem: How do we assign rights to people based on their functions or tasks? • Solution: Assign users to roles and give rights to these roles so they can perform their tasks. • Related patterns: Authorization, ... User id name ProtectionObject id name * *Authorization_rule Right access_type predicate copy_flag checkRights Role id name **MemberOf Example of security pattern
  • 10. 11 T. Heyman, “An Analysis of the Security Patterns Landscape,” 2007 Number of well described security patterns is increasing Security patterns landscape [Heyman’07]
  • 11. Pattern-oriented test architecture • Security by proven patterns – Security requirements, secure design and implementation • Patterns as abstract test cases – Possible to prepare abstract “constraints” and “templates” for testing model and code – Necessary to concretize patterns against concrete requirement/design/code 12 Security patterns Problem Solution Context Abstract constraints, templates Concrete constraints, test cases
  • 12. Security pattern researches [PLoP’15] 13 [PLoP’15] Systematic Mapping of Security Patterns Research, Conf. Pattern Languages of Programs Conference Application 46% Case studies 13%Modeling 7% Detection 7% Validation 7% Selection 7% Others 13%
  • 13. Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 14
  • 14. TESEM: Test Driven Secure Modeling Tool [ARES’13][IJSSE’14][ICST’15] 15 Security Design Pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Test Script Test case Testing [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
  • 15. Application of Security Design Patterns (SDP) Role Based Access Control ・Context ・Problem ・Solution ・Structure Apply Model not considering security Model that realizes access control based on Role 16
  • 16. Apply SDPUML UML Incorrect pattern application Vulnerabilities are not resolved Conventional problematic process Identify assets, threats, and countermeasures Select SDP 17
  • 17. Security patterns with OCL constraints 18 Access control ・Context ・Problem ・Solution ・Structure Security Requirement Patterns Security Design Patterns ・Asset ・Threat ・Countermeasure: Security property OCL trace Role-based access control ・Context ・Problem ・Solution ・Consequence: Security property OCL
  • 18. • Nine types of security properties • E.g. “Access Control” Security property at requirements level 19
  • 19. 1 2 Conditions access permission is given to <Role> which an <UserData> belongs Yes No Actions considers that actor has access permission × consider that actor does not have access permission × execute subject function × not execute subject function × context subject_controller inv access_control: if self.RBAC.Right->exists(p | p.right = true and p.role_id = p.Role.id and p.role_id = p.Role.User_Data.role_id ) then self.Subject_UI.User.Right = true else self.Subject_UI.User.Right = false Security property at design level 20 •E.g. “Role-based access control (RBAC)”
  • 20. Test Script Our tool “TESEM” • Class structure modeling • Behavior modeling • Application of security design patterns • Generation of test cases 1 2 Conditions access permission is given in <Role> to which an <UserData> belongs Yes No Actions considers that an actor have access permission × consider that an actor does not have access permission × execute subject function × not execute subject function × Test cases for “RBAC” Create instances and check OCL constrains on USE [*] [*] F. Büttnera, et al., “USE: a UML-based specification environment for validating UML and OCL,” SCP, vol.69. 2007.
  • 21. Identify assets, threats, and countermeasures Apply SDP and bind pattern elements Execute test to verify how model satisfies security requirements Execute test to verify how model satisfies security design requirements Security requirements (OCL) Security design requirements (OCL) UML UML Select SDP Design process using extended patterns 22
  • 22. Case study: Setting ・Threat: Privilege Escalation ・Countermeasure: Access Control ・Target: Delete function of StudentController → Any user can delete student’s data ・Selected Pattern: Role-based access control →Realize access control based on role’s right 23
  • 23. • Security Properties are in the Test cases Add test cases Confirm tests fail Fix model Confirm tests pass Test-driven secure design 24 Find vulnerability Eval. of mitigation
  • 24. 1 2 Conditions “Actor” has access right Yes No Actions execute “delete” function × cannot execute “delete” function × context StudentController inv SecurityRequirement : if self.DeleteUI.Actor.right = true and self.delete = true else self.delete = false endif Security requirements as OCL expression Verify whether model satisfies security requirement Security requirement as decision table Case study: Initial test for security requirement 25
  • 25. Actor can execute “delete” function without access right ! Model may contain vulnerability causing Privilege Escalation. Case Study: Test failed 26
  • 26. Verify whether model with RBAC satisfies security design requirements Case Study: Test for security design Verify whether model satisfies security design requirement 27
  • 27. Model does not satisfy security design requirements. TESEM detected incorrect applications of design patterns Case Study: Test failed, again 28
  • 28. Case Study: Model fixing 29 Fix design model until the tests successfully pass. Correct designIncorrect design Refactoring
  • 29. Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 30
  • 30. TESEM: Test Driven Secure Modeling Tool [ARES’14] 31 Security pattern Problem Solution Context Test design as requirement ! create Actor ! create UI : ! create Subject.. Test Script Testcase Testing [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security
  • 31. 32 Security design pattern Problem Solution Context Instrumentation template in Aspect J Testcase template in Java SUT Concrete aspect in AspectJ Concrete testcase in Java Specify parameters Instrumentation Testing Preparation Template for creating testcases
  • 32. Agenda • Introduction • Security patterns • TESEM: testing models • TESEM: testing code • Conclusion and discussion 33
  • 33. Controlled experiments • Target: EMSec [*], 24 use cases, 31 classes • Ex 1: Pattern application to design – 8 of 10 students applied patterns incorrectly without TESEM. – All students confirmed incorrect applications by TESEM. – Few students successfully fixed design. • Ex 2: Fixing code with incorrect pattern application – All 4 students found more defects in shorter time per defect by using TESEM. – All 4 students successfully fixed most of defects by using TESEM, but required little longer time. 34 [*] EMSsec http://lab.iisec.ac.jp/~okubo_lab/Members/okubo/wiki/index.php?EMSSec TESEM is useful for identifying incorrect applications. Further fixing support is expected.
  • 34. A tool called TESEM that supports pattern registration, application and verification Pattern-oriented test architecture and extended security patterns using OCL-based constraints and templates, which include requirement- and design-level patterns A new model/code-testing process based on TDD to verify appropriate pattern applications and the existence of vulnerabilities using these extended patterns Conclusion 35 [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Int’l Conf. Availability, Reliability and Security [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track
  • 35. Discussion • Pattern-oriented test architecture – Efforts for preparing constraints/templates paid off? – Correctness of patterns and concretization process? – Need more appropriate or different architecture? • Security pattern ecosystem – Zero-day attack? – Common Vulnerabilities and Exposures (CVE) -> patterns -> concrete tests -> … • Fixing / refactoring support – Automated fixing/refactoring ? 36
  • 36. 37 Mar 13-18 (due Sep 2016) aster.or.jp/conference/icst2017/ 10th IEEE International Conference on Software Testing, Verification and Validation