There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality.

Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

I and i

Knowledge Management

/pdf/a-break-in-the-clouds-towards-a-cloud-definition-svovsw1r5a.pdf

A Break in the Clouds: Towards a Cloud Definition

The Object Management Group's (OMG) Model Driven Architecture (MDA) strategy envisages a world where models play a more direct role in software production, being amenable to manipulation and transformation by machine. Model Driven Engineering (MDE) is wider in scope than MDA. MDE combines process and analysis with architecture. This article sets out a framework for model driven engineering, which can be used as a point of reference for activity in this area. It proposes an organisation of the modelling 'space' and how to locate models in that space. It discusses different kinds of mappings between models. It explains why process and architecture are tightly connected. It discusses the importance and nature of tools. It identifies the need for defining families of languages and transformations, and for developing techniques for generating/configuring tools from such definitions. It concludes with a call to align metamodelling with formal language engineering techniques.

Model Driven Engineering

Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.

/pdf/on-lightweight-mobile-phone-application-certification-1y8lgavj4k.pdf

On lightweight mobile phone application certification

Some Database Management Systems (DBMS) allow to implement multilevel databases, but there are no methodologies for designing these databases. Security must be considered as a fundamental requirement in Information Systems (IS) development, and has to be taken into account at all stages of the development. We propose a methodology for designing secure databases, which allows to design and implement secure databases considering constraints regarding sensitive information from the requirements phase. The models and languages included in the methodology provide tools to specify constraints and to classify the information into different security levels and to specify which roles users need to play to access information. The methodology prescribes rules to specify the database and the security information with the Oracle9i Label Security (OLS) DBMS. It also has been applied in an actual case by the Data Processing Center of the Ciudad Real Provincial Government.

Designing secure databases for OLS

Security and requirements engineering are one of the most important factor of success in the development of a software product line due to the complexity and extensive nature of them, given that a weakness in security can cause problems throughout all the products of a product line. However, without a CARE (Computer-Aided Requirements Engineering) tool, the application of any security requirements engineering process or methodology is much more difficult because it has to be manually performed. Therefore, in this paper, we will present a prototype of SREPPLineTool, which provides automated support to facilitate the application of the security quality requirements engineering process for software product lines, SREPPLine. SREPPLineTool simplifies the management of security requirements in product lines by providing us with a guided, systematic and intuitive way to deal with them from the early phases of product lines development, simplifying the management and the visualization of the artefacts variability and traceability links and the integration of the security standards, as well as the management of the security reference model proposed by SREPPLine. Finally we shall illustrate the application of SREPPLineTool by describing a simple example as a preliminary validation of it

Automated Support for Security Requirements Engineering in Software Product Line Domain Engineering

Data Warehouses (DW's), Multidimensional Databases, and On-Line Analytical Processing applications are used as a very powerful mechanism for discovering crucial business information. Considering the extreme importance of the information managed by these kinds of applications, it is essential to specify security measures from early stages of the DW design in the MD modeling process, and enforce them. In the past years, there have been some proposals for representing the main MD modeling properties at the conceptual level. Nevertheless, none of these proposals, considers security issues as an important element in their models, so they do not allow us to specify confidentiality constraints to be enforced by the applications that will regarding DW´s and their corresponding MD modeling properties and we propose an UML profile that allows us to specify main security aspects in the conceptual MD modeling. We show the benefit of our approach by applying this profile to an example. Finally, we also sketch how to implement the security aspects considered in our conceptual modeling approach in a commercial DBMS

A UML profile for designing secure data warehouses

We enhance an existing security governance framework for migrating legacy systems to the cloud by holistically modelling the cloud infrastructure. To achieve this we demonstrate how components of the cloud infrastructure can be identified from existing security requirements models. We further extend the modelling language to capture cloud security requirements through a dual layered view of the cloud infrastructure, where the notions are supported through a running example.

Modelling secure cloud systems based on system requirements

Data Warehouses (DWs) store historical information which support the decision-making process. Since this information is crucial, it has to be protected from unauthorised accesses by defining security constraints in all stages of the DW development process. In previous works, we applied the Model-Driven (MDA) philosophy to define secure DWs using several security models and transformations. Nevertheless, our conceptual model makes it possible to define complex security rules with OCL expressions which are not transformed automatically. This paper deals with this problem and completes our approach improving our conceptual metamodel and defining new transformation rules. Finally, an application example is shown.

Eduardo Fernández-Medina

Papers

Designing secure databases for OLS

Automated Support for Security Requirements Engineering in Software Product Line Domain Engineering

A UML profile for designing secure data warehouses

Modelling secure cloud systems based on system requirements

Defining and transforming security rules in an MDA approach for DWs