Transformation of type graphs with inheritance for ensuring security in e-government networks

Abstract

E-government services usually process large amounts of confidential data. Therefore, security requirements for the communication between components have to be adhered in a strict way. Hence, it is of main interest that developers can analyze their modularized models of actual systems and that they can detect critical patterns. For this purpose, we present a general and formal framework for critical pattern detection and user-driven correction as well as possibilities for automatic analysis and verification at meta-model level. The technique is based on the formal theory of graph transformation, which we extend to transformations of type graphs with inheritance within a type graph hierarchy. We apply the framework to specify relevant security requirements. The extended theory is shown to fulfil the conditions of a weak adhesive HLR category allowing us to transfer analysis techniques and results shown for this abstract framework of graph transformation. In particular, we discuss how confluence analysis and parallelization can be used to enable parallel critical pattern detection and elimination.