search menu icon-carat-right cmu-wordmark

Modeling and Validating Security and Confidentiality in System Architectures

Technical Report
This report presents an approach for modeling and validating confidentiality using the Bell–LaPadula security model and the Architecture Analysis & Design Language.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2021-TR-004
DOI (Digital Object Identifier)
10.1184/R1/13659911

Abstract

The importance of security in computer and information systems is increasing as network-connected computer systems become more ubiquitous. The objective of security is to verify that the computing platform is secured and that data and information are properly accessed and handled by users and applications, ensuring data confidentiality and integrity. To develop a framework for modeling and verifying security as a data quality attribute, designers need to identify parameters and variables with the expressive power to capture and represent security models and determine the type of analysis to enable. This report presents an approach for modeling and validating confidentiality based on the Bell–LaPadula security model using the Architecture Analysis and Design Language (AADL). The report describes the Bell–LaPadula security model and elaborates how security and Bell–LaPadula attributes are mapped to concepts and represented in AADL. It then describes modeling and validating security in AADL models, considering conditions that need to be enforced for a system to ensure conformance to the Bell–LaPadula security policy. It also presents the analysis capabilities provided by AADL and examples modeled in AADL.

Cite This Technical Report

Greenhouse, A., Hansson, J., & Wrage, L. (2021, March 19). Modeling and Validating Security and Confidentiality in System Architectures. (Technical Report CMU/SEI-2021-TR-004). Retrieved May 28, 2024, from https://doi.org/10.1184/R1/13659911.

@techreport{greenhouse_2021,
author={Greenhouse, Aaron and Hansson, Jörgen and Wrage, Lutz},
title={Modeling and Validating Security and Confidentiality in System Architectures},
month={Mar},
year={2021},
number={CMU/SEI-2021-TR-004},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/13659911},
note={Accessed: 2024-May-28}
}

Greenhouse, Aaron, Jörgen Hansson, and Lutz Wrage. "Modeling and Validating Security and Confidentiality in System Architectures." (CMU/SEI-2021-TR-004). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, March 19, 2021. https://doi.org/10.1184/R1/13659911.

A. Greenhouse, J. Hansson, and L. Wrage, "Modeling and Validating Security and Confidentiality in System Architectures," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2021-TR-004, 19-Mar-2021 [Online]. Available: https://doi.org/10.1184/R1/13659911. [Accessed: 28-May-2024].

Greenhouse, Aaron, Jörgen Hansson, and Lutz Wrage. "Modeling and Validating Security and Confidentiality in System Architectures." (Technical Report CMU/SEI-2021-TR-004). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 19 Mar. 2021. https://doi.org/10.1184/R1/13659911. Accessed 28 May. 2024.

Greenhouse, Aaron; Hansson, Jörgen; & Wrage, Lutz. Modeling and Validating Security and Confidentiality in System Architectures. CMU/SEI-2021-TR-004. Software Engineering Institute. 2021. https://doi.org/10.1184/R1/13659911