
Security Patterns: Research Direction, Metamodel, Application and Verification


Hironori Washizaki, “Security Patterns: Research Direction, Metamodel, Application and Verification”, Keynote, The 2017 International Workshop on Big Data & Information Security (IWBIS), Jakarta, Indonesia, Sep 23-24, 2017.


  1. Security Patterns: Research Direction, Metamodel, Application and Verification. Hironori Washizaki, Waseda University / National Institute of Informatics / SYSTEM INFORMATION CO., LTD. Keynote at IWBIS 2017, Jakarta, Sep 24, 2017. In collaboration with many students, researchers and practitioners including Atsuto Kubo, Yuki Shiroma, Takanori Kobashi, Yurina Ito, Sota Fukumoto, Misato Yamamoto, Masatoshi Yoshizawa, Tian Xia, Yoshiaki Fukazawa, Nobukazu Yoshioka, Eduardo B. Fernandez, Haruhiko Kaiya, Takao Okubo, Atsuo Hazeyama, Takehisa Kato, Shinpei Ogata, Hideyuki Kanuka, Yuki Kondo, Masayuki Yoshino and Dan Yamamoto.
  2. Hironori Washizaki • Prof., Director, Global Software Engineering Laboratory, Waseda University • Visiting Prof., National Institute of Informatics • Director, SYSTEM INFORMATION CO., LTD. • Vice-Chair, IEEE CS Japan Chapter • Chair, SEMAT Japan Chapter • Convenor, ISO/IEC/JTC1/SC7/WG20 • Director, IPSJ SamurAI Coding: AI Programming Contest • PC Chair, IEEE ICST’17 Tokyo • PC Chair, IEEE CSEE&T’17 Georgia • PC Chair, APSEC’18 Nara • Local Chair, IEEE COMPSAC’18 Tokyo • Editor-in-Chief, I. J. Agile and Extreme Dev.
  3. Agenda • Security Patterns and Research Directions • Model-Driven Application • Model-Driven Verification • Metamodel for Secure Cloud Development • Conclusion and Future Perspective
  4. Security concerns must be addressed at any phase • Phases: Requirement, Design, Implementation, Test, Maintenance • Security concerns: Security Requirement Patterns, Security Design Patterns, Security Testing • Security patterns: patterns are recurrent problems and solutions under specific contexts from requirements to maintenance
  5. Example of security pattern application • Name: Role-based access control (RBAC) • Problem: How do we assign rights to people based on their functions or tasks? • Solution: Assign users to roles and give rights to these roles so they can perform their tasks. • Related patterns: Authorization, ...
  6. Survey on security pattern researches [PLoP’15] • Application 46% • Case studies 13% • Modeling 7% • Detection 7% • Validation 7% • Selection 7% • Others 13% • [PLoP’15] Systematic Mapping of Security Patterns Research, Conf. Pattern Languages of Programs
  7. Agenda • Security Patterns and Research Directions • Model-Driven Application • Model-Driven Verification • Metamodel for Secure Cloud Development • Conclusion and Future Perspective
  8. What’s the problem? Role-based access control (RBAC) pattern: appropriate design vs. inappropriate design [figure]
  9. Model-driven security pattern application [PLoP’10] • ① Selecting a pattern • ② Setting parameters • ③ Transformation by ATL • Input model: UML models • Parameter: Helper def : SubjectName : String = ’hoge’ • Transformation rules: rule SubjectClass { from s : UML!Class(s.isSbj()) to t : UML!Class( namespace <- s.namespace, isAbstract <- false, ... • [PLoP’10] Model-Driven Security Patterns Application and Validation, 17th Conference on Pattern Languages of Programs
  10. Example: application of “Authorization” • Parameter: Helper def : ProtObName : String = ’Patient’ • [UML class diagrams. Classes: Employee (id, name), Patient (id, name), Subject (id, name), ProtectionObject (id, name), Right (accessType, checkRight()), Authenticator, Proof_of_Identify, Authentication Information, Authorization. Stereotypes: <<Authenticator.Subject>> and <<Authorization.Subject>> on Employee, <<ProtOb>> on Patient, <<Creates>>.]
  11. Agenda • Security Patterns and Research Directions • Model-Driven Application • Model-Driven Verification • Metamodel for Secure Cloud Development • Conclusion and Future Perspective
  12. TESEM: Test Driven Secure Modeling Tool [ARES’13][ARES’14][IJSSE’14][ICST’15][Information’16] • Security Design Pattern: Problem, Solution, Context • Test design as requirement • Test Script: ! create Actor, ! create UI, ! create Subject.. • Test case, testing • [ARES’13] Validating Security Design Pattern Applications Using Model Testing, Int’l Conf. Availability, Reliability and Security • [ARES’14] Verification of Implementing Security Design Patterns Using a Test Template, Conf. Availability, Reliability and Security • [IJSSE’14] Validating Security Design Pattern Applications by Testing Design Models, Int’l J. Secure Software Engineering 5(4) • [ICST’15] TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing, IEEE ICST’15 Tools Track • [Information’16] Implementation Support of Security Design Patterns Using Test Templates, Information 7(2)
  13. Test-driven secure design • Security properties are in test cases • Cycle: Add test cases, Confirm tests fail, Fix model, Confirm tests pass • Find vulnerability • Eval. of mitigation
  14. Add test cases: verify whether model satisfies security design requirement • Verify whether model with RBAC satisfies security design requirements
  15. Confirm tests fail • Model does not satisfy security design requirements. TESEM detected incorrect applications of design patterns
  16. Fix model and confirm tests pass • Fix design model until the tests successfully pass. • Incorrect design, Refactoring, Correct design
  17. Agenda • Security Patterns and Research Directions • Model-Driven Application • Model-Driven Verification • Metamodel for Secure Cloud Development • Conclusion and Future Perspective
  18. Challenges in cloud security and privacy (S&P) • Layers: Software Application, Platform, Infrastructure • User Authorization, Secure Config., OS Hardening, Electronic Access Control system • Cloud services • Ex.) User Authentication • Patterns, Guidelines, Practices • How to consistently utilize diverse S&P knowledge? → Metamodel • How to consider S&P over different layers? → Layered metamodel
  19. Cloud Security and Privacy Metamodel (CSPM) [Future Internet’16][SERVICES’16] • Problem, Bridge, Solution • Target: SaaS (Application), PaaS (Platform), IaaS (Infrastructure) • [Future Internet’16] Modeling and Security in Cloud Ecosystems, Future Internet, 8(13) • [SERVICES’16] Metamodel for Security and Privacy Knowledge in Cloud Services, 12th IEEE World Congress on Services
  20. Modeling vulnerability and security pattern • Validator for data-injection vulnerability such as XSS • Common Vulnerabilities and Exposures: CVE-2012-4394: Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
  21. Security and privacy development process
  22. Security requirements analysis • Threats and vulnerability analysis based on STRIDE: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege • Consider corresponding security patterns (e.g., Authentication and Authorization) • Diagram labels: Problem, Pattern, Solution, Example, Goal, Anti-goal
  23. Check other player data • Authentication • Authorization
  24. Agenda • Security Patterns and Research Directions • Model-Driven Application • Model-Driven Verification • Metamodel for Secure Cloud Development • Conclusion and Future Perspective
  25. Conclusion and future prospects • Current: Targeting authentication and authorization • Many researches using UML, but independent • Often simple case studies • Targeting existing patterns only • Limited education for secure development methods in IoT era • Future: Address various security patterns • Integration based on common metamodel • Complex case studies with measurements • New vulnerabilities and patterns • IoT and security education program
  26. Security and privacy ecosystem for Cloud/IoT. PI: Prof. Hironori Washizaki (‘15-’18) • (1) Publishing, e.g., CVE, new attack • (2) Decomposition, organization • (3) Integrated application and verification • Vulnerability/countermeasure DB • Metamodel • Knowledge base • Distribution • Cloud • Software system development
  27. Japanese MEXT Professional Education Program enPiT-Pro: Smart SE (‘17-’22) • PI: Prof. Hironori Washizaki • 14+ universities incl. Osaka U. and Kyushu U. • 16+ collaborators • Cloud • Sensors, IoT • Artificial Intelligence • BigData • generation, knowledge extraction, evolution • Network • Cyber physical systems • Info. processing • Application • Business value creation • Security & privacy
  28. SamurAI Coding: IPSJ 6th International AI Programming Contest, World Final, March 14 2018, Tokyo, http://samuraicoding.info • APSEC 2018: 25th Asia-Pacific Software Engineering Conference, Nara, Dec 4-7 (due: June), PC Chair: H. Washizaki • Int. Journal of Agile and Extreme Software Development (IJAESD), Editor-in-Chief: H. Washizaki • COMPSAC 2018: 42nd IEEE Computer Society Int’l Conf. Computers, Software & Applications, Tokyo, July 23-27 (due: Jan 15)
  29. Terima kasih 감사 합니다 धन्यवाद 有難う Thank you!
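
The test-driven secure design cycle from slides 13 to 16 (security properties as test cases, confirm they fail, fix the model, confirm they pass), applied to the RBAC pattern from slide 5, as an added Python example that is not from the talk or from TESEM. The `DesignModel` class, the subject and role names, and the three properties are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class DesignModel:
    """Tiny stand-in for a UML design model (constructed, not TESEM's format)."""
    user_roles: dict = field(default_factory=dict)     # subject -> set of roles
    role_rights: dict = field(default_factory=dict)    # role -> {(object, accessType)}
    direct_rights: dict = field(default_factory=dict)  # subject -> {(object, accessType)}

    def check_right(self, subject, obj, access_type):
        """True if the subject holds the right directly or through any of its roles."""
        want = (obj, access_type)
        if want in self.direct_rights.get(subject, set()):
            return True
        return any(want in self.role_rights.get(role, set())
                   for role in self.user_roles.get(subject, set()))

# Security properties expressed as test cases over the model (hypothetical names).
def prop_rights_only_via_roles(m):
    # RBAC structure: rights are given to roles, never straight to a subject.
    return not any(m.direct_rights.values())

def prop_doctor_reads_patient(m):
    return m.check_right("dr_sato", "Patient", "read")

def prop_clerk_cannot_write_patient(m):
    return not m.check_right("clerk_ito", "Patient", "write")

PROPERTIES = [prop_rights_only_via_roles, prop_doctor_reads_patient,
              prop_clerk_cannot_write_patient]

def run_tests(model):
    """Return the names of the security properties the design model violates."""
    return [p.__name__ for p in PROPERTIES if not p(model)]

# Incorrect pattern application: a right attached directly to a subject bypasses roles.
incorrect = DesignModel(
    user_roles={"dr_sato": {"Doctor"}, "clerk_ito": {"Clerk"}},
    role_rights={"Doctor": {("Patient", "read"), ("Patient", "write")},
                 "Clerk": {("Patient", "read")}},
    direct_rights={"clerk_ito": {("Patient", "write")}},
)
# Fixed model: same roles and rights, with the direct grant removed.
fixed = DesignModel(user_roles=incorrect.user_roles, role_rights=incorrect.role_rights)

if __name__ == "__main__":
    print("incorrect design fails:", run_tests(incorrect))
    print("fixed design fails:", run_tests(fixed))
```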