To be understandable and reusable at large scale, also by non-experts in security, Crypto primitives must be implemented in a modular way, and come with well organized and well described processes to help understanding, foster adoption, and ensure a proper embedding in the applications they must protect. In this paper, we reap the benefits of the modular hardware and software architecture of the SEcube, and lift the issue of crypto-primitives management from the traditional code level to a model driven approach. On small examples, we illustrate the essential features of the approach concerning the modelling of cryptography primitives as SIBs and their organization in domain-specific SIB palettes. We also sketch how to use multifaceted taxonomies to provide compact yet expressive classifications, amounting to a semantic description of the security domain. We address in the issue of workflows by using models that ease the expression, analysis, control, and formal verification of inter- and intra-model control and data flow, though the adoption of the XMDD approach implemented in the DIME integrated modelling environment. A brief description of a home banking application sketches how in reality many of these security mechanisms need to work together in a safe and secure orchestration.
Towards Model Driven Design of Crypto Primitives and Processes / Carelli, Alberto; Di Natale, Giorgio; Trotta, Pascal; Margaria, TIZIANA MARIA. - ELETTRONICO. - 1:(2016), pp. 152-158. (Intervento presentato al convegno SAM'16 - The 2016 International Conference on Security and Management tenutosi a Las Vegas (USA) nel Luglio 2016).
Towards Model Driven Design of Crypto Primitives and Processes
CARELLI, ALBERTO;TROTTA, PASCAL;MARGARIA, TIZIANA MARIA
2016
Abstract
To be understandable and reusable at large scale, also by non-experts in security, Crypto primitives must be implemented in a modular way, and come with well organized and well described processes to help understanding, foster adoption, and ensure a proper embedding in the applications they must protect. In this paper, we reap the benefits of the modular hardware and software architecture of the SEcube, and lift the issue of crypto-primitives management from the traditional code level to a model driven approach. On small examples, we illustrate the essential features of the approach concerning the modelling of cryptography primitives as SIBs and their organization in domain-specific SIB palettes. We also sketch how to use multifaceted taxonomies to provide compact yet expressive classifications, amounting to a semantic description of the security domain. We address in the issue of workflows by using models that ease the expression, analysis, control, and formal verification of inter- and intra-model control and data flow, though the adoption of the XMDD approach implemented in the DIME integrated modelling environment. A brief description of a home banking application sketches how in reality many of these security mechanisms need to work together in a safe and secure orchestration.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2670546
Attenzione
Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo