Software systems have an increasing impact on our daily lives. Many systems process sensitive data or control critical infrastructure. Providing secure software is therefore indispensable. Such systems are rarely renewed on a regular basis because of the high cost and effort involved. Oftentimes, systems that were planned and implemented to be secure become insecure because their context evolves. These systems are connected to the Internet and are therefore constantly subject to new types of attacks. The security requirements of these systems remain unchanged, while, for example, the discovery of a vulnerability in an encryption algorithm previously assumed to be secure requires a change of the system design. Some security requirements cannot be checked on the basis of the system’s design, but only at run time. Furthermore, the sudden discovery of a security violation requires an immediate reaction to prevent a system shutdown. Knowledge regarding security best practices, attacks, and mitigations is generally available, yet it is rarely an integrated part of software development and rarely covers evolution.
This thesis examines how the security of long-living software systems can be preserved taking into account the influence of context evolutions. The goal of the proposed approach, S²EC²O, is to recover the security of model-based software systems using co-evolution.
An ontology-based knowledge base is introduced that is capable of managing both common and system-specific knowledge relevant to security. A transformation connects the knowledge base to the UML system model. Context knowledge evolutions are detected by using semantic differences, knowledge inference, and the detection of inconsistencies in the knowledge base.
A catalog containing rules to manage and recover security requirements uses detected context evolutions to propose potential co-evolutions of the system model that reestablish compliance with the security requirements.
S²EC²O uses security annotations to link models and executable code and provides support for run-time monitoring. The adaptation of running systems is considered, as is round-trip engineering, which integrates insights from the run time into the system model.
S²EC²O is complemented by prototypical tool support. This tool is used to show S²EC²O’s applicability based on a case study targeting the medical information system iTrust.
This thesis contributes to the development and maintenance of long-living software systems with regard to their security. The proposed approach will aid security experts: it detects security-relevant changes to the system context, determines the impact on the system’s security, and facilitates co-evolutions to recover compliance with the security requirements.