DiaSpec

DiaSpec is a light-weight Architecture Description Language.
Specurity Aspects
Name
Description
Distribution of certificates for SSL encrypted commu-nications.
Every entity must verify each access at a fine-grained level
Specification Elements
Name
Description
A part of the system that must be implemented.
An event connector corresponds to the well-known publish/subscribe paradigm, in which a publisher sends events to receivers registered for the corresponding type
A session connector defines an offer/answer session negotiation protocol, followed by a media session.
A command connector amounts to a synchronous RPC, allowing a one-to-one interaction.

  • Security Aspects

    • Certificate Management

      Distribution of certificates for SSL encrypted commu-nications.
      Specification Elements:
      Component
      Threats:
      Spoofing
      Tampering with Data
      Information Disclosure

    • Enforce Access Control List

      Every entity must verify each access at a fine-grained level
      Specification Elements:
      Command
      Threats:
      Spoofing

    Specification Elements

    • Component

      A part of the system that must be implemented.
      Applies to:
      Entity
      Component

    • Event

      An event connector corresponds to the well-known publish/subscribe paradigm, in which a publisher sends events to receivers registered for the corresponding type
      Applies to:
      InformationFlow

    • Session

      A session connector defines an offer/answer session negotiation protocol, followed by a media session.
      Applies to:
      InformationFlow

    • Command

      A command connector amounts to a synchronous RPC, allowing a one-to-one interaction.
      Applies to:
      Activity