Secure Data Flow Analysis Contracts
Input model for the secure data flow analysis. Annotations to specify security properties of elements of the Palladio Component Model for analysis of secure data flow.
Specurity Aspects
Specification Elements
Name
Description
Describes characteristics of the user (e.g. roles) in the interaction with the system
Describes characteristics of a resource container where components are deployed to
Describes characteristics of component instances
Assigns characteristics to data when passed through the system
Defines whether a component is a data store
Security Aspects
Secure data flow
Ensures that the InformationFlow is secure w.r.t. a given policy- Specification Elements:
- Assembly Context Characterization
- Confidentiality Variable Characterization
- Operational Data Store Extension
- Resource Container Characterization
- Usage Scenario Characterization
- Threats:
- Information Disclosure
Specification Elements
Usage Scenario Characterization
Describes characteristics of the user (e.g. roles) in the interaction with the system- Applies to:
- Entity
Resource Container Characterization
Describes characteristics of a resource container where components are deployed to- Applies to:
- Node
Assembly Context Characterization
Describes characteristics of component instances- Applies to:
- Component
Confidentiality Variable Characterization
Assigns characteristics to data when passed through the system- Applies to:
- Data
Operational Data Store Extension
Defines whether a component is a data store- Applies to:
- Component