Khaled M. Khan
Qatar University
Publication
Featured research published by Khaled M. Khan.
IEEE Software | 2002
Khaled M. Khan; Jun Han
This article addresses a key issue in security: how to inspire trust by disclosing security properties of software components to others in a component-based software development environment. The authors introduce a component security characterization framework in this endeavor that characterizes security properties by exposing software security profiles to others. The active interface lets software engineers know up front the impact of security properties of a composition's candidate components.
Australian Software Engineering Conference | 2006
Khaled M. Khan; Jun Han
The paper proposes an assessment scheme for the security properties of software components. The proposed scheme consists of three stages: (i) a system-specific security requirement specification of the enclosing application; (ii) a component-specific security rating; and (iii) an evaluation method for the scored security properties of the candidate component. The assessment scheme ultimately provides a numeric score indicating a relative strength of the security properties of the candidate component. The scheme is partially based on ISO/IEC 15408, the Common Criteria for Information Technology Security Evaluation (CC) and the Multi-Element Component Comparison and Analysis (MECCA) model. The scheme is flexible enough for software engineers to use in order to get a first-hand preliminary assessment of the security posture of candidate components.
Asia-Pacific Software Engineering Conference | 2006
Jun Han; Khaled M. Khan
This paper introduces a framework for security-oriented software service composition and evolution. Key building blocks of the framework are a semantic model for specifying the security objectives and properties at the service and system levels, the negotiation and re-negotiation techniques for service composition and evolution, and the analysis techniques for checking the security compatibility between services and the satisfaction of system-level security goals. It focuses on developing techniques that allow system developers to design required security into service compositions with predictability and to maintain or adapt service compositions in changed security contexts.
Australian Software Engineering Conference | 2001
Khaled M. Khan; Jun Han; Yuliang Zheng
This paper presents a framework for constructing compositional security contracts (CsC) based on the security property exposed by the atomic component. The framework uses the interface structure of components in order to determine the CsC of software components. An active interface provides the component a basis for reasoning and assessing a component's suitability to meet certain security requirements of a particular application. Based on the security information available from the component interface, an active interface can reason whether the candidate component meets the security requirements for an envisaged system-wide application. Any security mismatches or discrepancies between components can be identified by the participating components before an actual composition takes place. Exposing the security properties of software components can be the basis for a trust relationship among components, and the exposed security could affect the underlying security of the enclosing system.
IEEE Computer | 2013
Khaled M. Khan; Qutaibah M. Malluhi
Trust is more important than money and will ultimately determine cloud computing's success.
Australian Software Engineering Conference | 2000
Khaled M. Khan; Jun Han; Yuliang Zheng
Proposes a scheme to characterise non-functional security properties that are embedded within the functionality of software components. The security properties may be attached to various aspects of a component, such as resource allocation, user data protection, communication, and so on. In this paper, we are particularly interested in characterising the user data protection of software components. It is often reported that software components usually suffer from security and reliability problems. It is now widely recognised that the characterisation of the security properties of software components is an important issue to boost the confidence and trust in component technology. To address this issue, the characterisation of the security properties of components is the first challenging step. The work proposed in this paper is partially based on the functional requirements defined in the Common Criteria for Information Technology Security Evaluation endorsed by NIST. The applicability of the proposed scheme is demonstrated with a simple example.
ACS/IEEE International Conference on Computer Systems and Applications | 2008
Khaled M. Khan
This paper proposes an assessment model for Web-based systems in terms of non-functional properties of the system. The proposed model consists of two stages: (i) deriving quality metrics using the goal-question-metric (GQM) approach; and (ii) evaluating the metrics to rank a Web-based system using the multi-element component comparison analysis technique. The model ultimately produces a numeric rating indicating the relative quality of a particular Web system in terms of selected quality attributes. We decompose the quality objectives of the Web system into sub-goals, and develop questions in order to derive metrics. The metrics are then assessed against the defined requirements using an assessment scheme.
Australian Software Engineering Conference | 2004
Khaled M. Khan; Jun Han
We present a security characterisation process framework for software components and their compositions in order to address the issue of trust in component-based software. The process is based on the idea of publishing trust-related properties of software components in machine-readable as well as understandable form at the component level and incorporating such properties with runtime composition of the application system. We explore the actual process involved in specifying publishable security properties of atomic components, component certification, reasoning about compositional security contracts, and characterising ultimate systems-level security properties to inspire trust in software components.
Technology of Object-Oriented Languages and Systems | 2000
Khaled M. Khan; Jun Han; Yuliang Zheng
Proposes a security characterisation structure of software components and their composition. The structure provides a preliminary modelling of the security properties of stand-alone software components and some of their compositional primitives. In this paper, we are particularly interested in security properties related to user data protection of software components. The proposed compositional specification makes an attempt to model the resulting effect between the security attributes of two contracting components. The compositional specification structure can capture the results of the combined security specifications of two participating components in a contract. Our security specification syntax is based on four compositional elements: the identities of the contracting components, the actions to be performed in a compositional relationship, the security attributes supported by the components, and the resources to be used by other components. The structure is used in an example of secure interactions over a network in order to illustrate the applicability of the proposed work.
Future Generation Computer Systems | 2016
Yongge Wang; Qutaibah M. Malluhi; Khaled M. Khan
With the wide adoption of the cloud computing paradigm, it is important to develop appropriate techniques to protect client data privacy in the cloud. Encryption is one of the major techniques that could be used to achieve this goal. However, data encryption at rest alone is insufficient for secure cloud computation environments. Further efficient techniques for carrying out computation over encrypted data are also required. Fully homomorphic encryption (FHE) and garbled circuits are naturally used to process encrypted data without leaking any information about the data. However, existing FHE schemes are inefficient for processing large amounts of data in the cloud, and garbled circuits are one-time programs and cannot be reused. Using modern technologies such as FHE, several authors have developed reusable garbled circuit techniques in recent years. But they are not efficient either and could not be deployed at a large scale. By relaxing the privacy definition from perfect forward secrecy to all-or-nothing privacy, we are able to design efficient reusable garbled circuits in this paper. These reusable garbled computation techniques could be used for processing encrypted cloud data efficiently. A linear code based garbled circuits scheme is proposed. New concept of all-or-nothing privacy for garbled circuits schemes. Much more efficient than existing FHE schemes.