Integrating Security-Enriched Data Flow Diagrams Into Architecture-Based Confidentiality Analysis

The increasing complexity of modern software systems presents developers with significant challenges regarding the confidentiality of sensitive data. To this end, data flow diagrams serve as an effective tool for identifying potential confidentiality violations. Previous work in this area collected a data set comprising security-enriched data flow diagrams. Previous work on the security of microservice applications has created an extensive dataset of security-enriched data flow diagrams derived from open-source projects. The data set also includes security rules for microservices architectures specified in natural language. This paper presents an automated pipeline that converts descriptions of data flow diagrams with security rules into models suitable for automated information security analysis. Our evaluation based on the existing data set shows that the transformed models are highly accurate, establishing a gold standard for data flow-based confidentiality analysis.

Niehues, Nils; Arp, Benjamin; Hüller, Tom; Schwickerath, Felix; Boltz, Nicolas; Hahner, Sebastian (2024): Integrating Security-Enriched Data Flow Diagrams Into Architecture-Based Confidentiality Analysis. Softwaretechnik-Trends Band 44, Heft 4. Gesellschaft für Informatik e.V.. ISSN: 0720-8928

Schlagwörter

confidentiality , data flow diagram , transformation , automated pipeline

Sammlungen

Softwaretechnik-Trends 44(4) - 2024

Komplettanzeige

Integrating Security-Enriched Data Flow Diagrams Into Architecture-Based Confidentiality Analysis

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen