To the top

Page Manager: Webmaster
Last update: 9/11/2012 3:13 PM

Tell a friend about this page
Print version

Flaws in Flows: Unveiling… - University of Gothenburg, Sweden Till startsida
To content Read more about how we use cookies on

Flaws in Flows: Unveiling Design Flaws via Information Flow Analysis

Conference paper
Authors Katja Tuma
Riccardo Scandariato
Musard Balliu
Published in 2019 IEEE International Conference on Software Architecture (ICSA)
ISBN 978-1-7281-0528-4
Publisher IEEE
Publication year 2019
Published at Department of Computer Science and Engineering (GU)
Institutionen för data- och informationsteknik, Software Engineering (GU)
Language en
Keywords Secure design, Data Flow Diagram, Confidentiality, Integrity
Subject categories Computer science, Software Engineering


This paper presents a practical and formal approach to analyze security-centric information flow policies at the level of the design model. Specifically, we focus on data confidentiality and data integrity objectives. In its guiding principles, the approach is meant to be amenable for designers (e.g., software architects) that have very limited or no background in formal models, logics, and the like. To this aim, we provide an intuitive graphical notation, which is based on the familiar Data Flow Diagrams, and which requires as little effort as possible in terms of extra security-centric information the designer has to provide. The result of the analysis algorithm is the early discovery of design flaws in the form of violations of the intended security properties. The approach is implemented as a publicly available plugin for Eclipse and evaluated with four real-world case studies from publicly available literature.

Page Manager: Webmaster|Last update: 9/11/2012

The University of Gothenburg uses cookies to provide you with the best possible user experience. By continuing on this website, you approve of our use of cookies.  What are cookies?

Denna text är utskriven från följande webbsida:
Utskriftsdatum: 2020-08-15