CARDS
CARDS is a domain-specific language for specifying data-flow constraints and architecture-level assumptions.
Security Aspects

| Name | Description |
| --- | --- |
| Secure Information Flow | This aspect ensures that the information flow in the system is secure by considering restrictions and assumptions about the components, ports and data. |
Specification Elements

| Name | Description |
| --- | --- |
| Sanitizer Assumption | Specifies whether a component sanitizes data. |
| DataType | Defines a security level for a certain data type in the system. |
| sourceOf | Specifies whether a component is the source of a specific data type. |
| InformationFlowRestriction | Specifies allow or prevent restrictions for data types w.r.t. components to restrict the data flow. |
| NeverOut-Assumption | Specifies whether a component or port never leaks a certain data type. |
Security Aspects
Secure Information Flow
This aspect ensures that the information flow in the system is secure by considering restrictions and assumptions about the components, ports and data.
- Specification Elements:
- InformationFlowRestriction
- DataType
- NeverOut-Assumption
- Sanitizer Assumption
- sourceOf
- Threats:
- Information Disclosure
- Tampering with Data
- Denial of Service
- Repudiation
Specification Elements
Sanitizer Assumption
Specifies whether a component sanitizes data.
- Applies to:
- Component
DataType
Defines a security level for a certain data type in the system.
- Applies to:
- Data
sourceOf
Specifies whether a component is the source of a specific data type.
- Applies to:
- Component
InformationFlowRestriction
Specifies allow or prevent restrictions for data types w.r.t. components to restrict the data flow.
- Applies to:
- Data
- InformationFlow
NeverOut-Assumption
Specifies whether a component or port never leaks a certain data type.
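The following Python model is an added illustration of how the five specification elements listed above (Sanitizer Assumption, DataType, sourceOf, InformationFlowRestriction, NeverOut-Assumption) can be evaluated against a component-and-connector architecture. It is not CARDS syntax and not the CARDS checker. The sample architecture, the per-component clearance that the DataType level is compared against, and the exact meaning given to sanitizers, allow rules and NeverOut are assumptions made for this example only.

```python
"""Added example: a simplified information-flow check over a component-and-
connector model. Not CARDS syntax and not the CARDS tooling; the semantics
given to each element below are assumptions made for this illustration."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Model:
    connectors: list            # (source component, target component)
    levels: dict                # DataType: data type -> security level (assumption: higher = more sensitive)
    clearance: dict             # component -> highest level it may receive (assumption, not on the page)
    source_of: dict             # sourceOf: component -> data types it originates
    sanitizers: set = field(default_factory=set)      # Sanitizer Assumption
    never_out: dict = field(default_factory=dict)     # NeverOut-Assumption: component -> types it never emits
    restrictions: list = field(default_factory=list)  # InformationFlowRestriction: ("allow"|"prevent", type, component)


def propagate(m):
    """Fixpoint over connectors: which data types can reach each component."""
    reach = defaultdict(set)
    for comp, types in m.source_of.items():
        reach[comp] |= set(types)
    changed = True
    while changed:
        changed = False
        for src, dst in m.connectors:
            if src in m.sanitizers:
                continue  # assumption: a sanitizer strips every tracked type from its output
            new = (reach[src] - m.never_out.get(src, set())) - reach[dst]
            if new:
                reach[dst] |= new
                changed = True
    return reach


def check(m):
    """Return sorted violation messages; an empty list means the model is consistent."""
    reach = propagate(m)
    allowed = defaultdict(set)  # data type -> components explicitly allowed to receive it
    for kind, dtype, comp in m.restrictions:
        if kind == "allow":
            allowed[dtype].add(comp)
    violations = []
    for kind, dtype, comp in m.restrictions:
        if kind == "prevent" and dtype in reach[comp]:
            violations.append(f"prevent violated: {dtype} reaches {comp}")
    for comp, types in list(reach.items()):
        for dtype in types:
            if m.levels[dtype] > m.clearance.get(comp, 0):
                violations.append(f"level violated: {dtype} (level {m.levels[dtype]}) "
                                  f"reaches {comp} (clearance {m.clearance.get(comp, 0)})")
            # assumption: once any allow rule exists for a type, only the listed
            # components and the type's sources may hold it
            if (dtype in allowed and comp not in allowed[dtype]
                    and dtype not in m.source_of.get(comp, set())):
                violations.append(f"allow violated: {dtype} reaches {comp}, not in allow list")
    return sorted(violations)


def web_shop():
    """Constructed sample architecture (not from the page): credentials flow to
    low-clearance components and to a component they are prevented from reaching."""
    return Model(
        connectors=[("Browser", "WebServer"), ("WebServer", "Database"),
                    ("WebServer", "Logger"), ("WebServer", "Analytics"),
                    ("Database", "Reporting")],
        levels={"Credentials": 3, "ClickStream": 1},
        clearance={"Browser": 3, "WebServer": 3, "Database": 3,
                   "Logger": 1, "Analytics": 1, "Reporting": 1},
        source_of={"Browser": {"Credentials", "ClickStream"}},
        restrictions=[("prevent", "Credentials", "Analytics"),
                      ("allow", "Credentials", "WebServer"),
                      ("allow", "Credentials", "Database")],
    )


def web_shop_hardened():
    """Same system with the assumption elements applied (hypothetical fix)."""
    m = web_shop()
    m.connectors = [("Browser", "WebServer"), ("WebServer", "Database"),
                    ("WebServer", "Redactor"), ("Redactor", "Logger"),
                    ("Redactor", "Analytics"), ("Database", "Reporting")]
    m.clearance["Redactor"] = 3
    m.sanitizers = {"Redactor"}                    # Sanitizer Assumption on the new component
    m.never_out = {"Database": {"Credentials"}}    # NeverOut-Assumption: the DB never returns credentials
    m.restrictions.append(("allow", "Credentials", "Redactor"))  # new component must be granted too
    return m


if __name__ == "__main__":
    for name, model in (("baseline", web_shop()), ("hardened", web_shop_hardened())):
        print(name, check(model) or "OK")
```

Running the block reports seven violations for the baseline (credentials reaching the prevented Analytics component, three components whose clearance is below the Credentials level, and three components holding credentials without an allow rule) and none for the hardened variant. Note that adding the Redactor also required granting it an allow rule: under this reading, a whitelist-style allow restriction makes every new intermediary an explicit decision.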