Separation of Concerns Security Model of Component using Grey Box (그레이박스를 사용한 컴포넌트의 관심사 분리 보안 모델 )

김영수; Cho Sun-Gu (조선구)

Separation of Concerns Security Model of Component using Grey Box

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2008, 13(5), pp.163-170
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

김영수 ¹, Cho Sun-Gu ²

¹충북대학교
²나사렛대학교

Accredited

ABSTRACT

As the degree of dependency and application of component increases, the need to strengthen security of component is also increased as well. The component gives an advantage to improve development productivity through its reusable software. Even with this advantage, vulnerability of component security limits its reuse. When the security level of a component is raised in order to improve this problem, the most problematic issue will be that it may extend its limitation on reusability. Therefore, a component model concerning its reusability and security at the same time should be supplied. We suggest a Separation of Concerns Security Model for Extension of Component Reuse which is integrated with a wrapper model and an aspect model and combined with a reuse model in order to extend its security and reusability by supplying information hiding and easy modification, and an appropriate application system to verify the model's compatibility is even constructed. This application model gives the extension of component function and easy modification through the separation of concerns, and it raise its security as well as extends its reusability.

KEYWORDS

관심사분리(Separation of Concerns), 보안모델(Security Model), 컴포넌트재사용(Component Reuse), 그레이박스(Grey Box)

Citation status

* References for papers published after 2023 are currently being built.

[confproc] Llewellyn-Jones, D / 2004 / An Extensible Framework for Practical Secure Component Composition in a Ubiquitous Computing Environment / International Conference on Information Technology, Las Vegas

[confproc] Mantel,H / 2002 / On the composition of secure systems / in Proceedings 2002 IEEE Symposium on Security and Privacy

[confproc] Lan, K / 2005 / A taxonomy of software component models / IEEE Computer Society Press / IEEE Computer Society Press : 88~95

[confproc] Bruneton, E / 2004 / An open component model and its support in Java / In Proceedings of 7th CBSE / Springer-Verlag : 7~22

[confproc] Beydeda, S / 2000 / Integrating white- and blackbox techniques for class-level testing object-oriented prototypes / In SEA Software Engineering and Applications Conference / IASTED/ACTA Press : 23~28

[confproc] Tesanovic, A / 2003 / Aspect-level WCET analyzer: a ool for automated WCET analysis of a real-time software composed using aspects and components / in Proceedings of the 3rd International Workshop on Worst-Case Execution Time Analysis (WCET 2003) / Porto, Portugal

[confproc] Kiczales, G / 2005 / Separation of Concerns with Procedures, Annotations, Advice and Pointcuts / European Conference on Object-Oriented Programming (ECOOP)

[confproc] Suvee, D / 2003 / JAsCo: an Aspect-Oriented approach tailored for Component Based Software Development / Proceeding of AOSD 2003 : 21~29

[confproc] Sipma,H / 2003 / A formal model for cross-cutting modular transition systems / in In Proceedings of the Workshop on Foundations of Aspect-Oriented Languages (FOAL 2003)

[journal] Christine Mingins / 2002 / Building trust in third-party components using component wrappers in the .net frameworks / Proceedings of the Fortieth International Confernece on Tools Pacific Australian Computer Society : 153~157

[journal] Sewell, P / 2000 / Secure Composition of Untrusted Code: Wrappers and Causality Types / 13th IEEE Computer Security Foundations Workshop (CSFW'00)

[confproc] Dean, J.C / 2001 / Security Wrapper Technology for COTS Software Products / 13th Annual Software Technology Conference

[confproc] Martin B¨uchi / 1997 / A plea for grey-box components. Technical Report 122, Turku Centre for Computer Science / Presented at the Workshop on Foundations of Component-Based Systems

[thesis] 김영수 / 2003 / 메시지보안시스템의 인증 프로토콜설계 및 검증 / 국민대학교

[thesis] 서정석 / 2000 / 컴포넌트 개발 툴을 사용한 소프트웨어 개발 노력 산정에 관한 연구 / 국민대학교

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65