Behavioral singletons to consistently handle global states of security patterns

Abstract

Secure systems are usually complex since stateful security mechanisms like authentication and authorization have to be integrated into the functional behavior at various places. The security operations are, in general, interdependent such that events at one place may influence the behavior at other places. Thus, the composed specification of a system is neither easy to understand nor to analyze, and a faulty integration of the security mechanisms is often overseen. In this paper, we introduce the concept of singletons into our model-based engineering technique SPACE which facilitates a straightforward integration of security aspects. The behavior of a security protocol is encapsulated in a building block using a two-view interface contract. One view of the contract is quite simple and suffices for the correct integration of the block into a system specification. The other view is more complex but has to be considered only by the block designers to verify that the behavioral model in the block fulfills its interface contract. We exemplify the singletons by means of an authorization mechanism and discuss how to prove that the two views of its interface contract are consistent. © 2012 IFIP International Federation for Information Processing.