Composing patterns to construct secure systems

Building secure applications requires significant expertise. Secure platforms and security patterns have been proposed to alleviate this problem. However, correctly applying patterns to use platform features is still highly expertise-dependent. Patterns are informal and there is a gap between them and platform features. We propose the concept of reusable verified design fragments, which package security patterns and platform features and are verified to provide assurance about their security properties. Design fragments can be composed through four primitive tactics. The verification of the composed design against desired security properties is presented in an assurance case. We demonstrate our approach by securing a Continuous Deployment pipeline and show that the tactics are sufficient to compose design fragments into a secure system. Finally, we formally define composition tactics, which are intended to support the development of systems that are secure by construction

The Globe Infrastructure Directory Service

To implement adaptive replication strategies for Web documents, we have developed a wide area resource management system. This system allows servers to be managed on a local and global level. On a local level the system manages information about the resources and services provided by the servers, while on a global level the system allows servers to be searched for, added to, and removed from the system. As part of the system, and also in order to implement adaptive replication strategies, we introduce a hierarchical location representation for network elements such as servers, objects, and clients. This location representation allows us to easily and efficiently find and group network elements based on their location in a worldwide network. Our resource management system can be implemented using standard Internet technologies and has a broader range of applications besides making adaptive replication strategies possible for Web documents

Preface

ii This document is a user manual for the L4 µ-kernel, specifically the L4Ka::Pistachio implementation of the Version X.2 (aka. beta Version 4) API. It gives an introduction to the main concepts and features of L4, and explains their use by a number of examples. The manual is platform independent, however, examples showing the compiling and linking of programs are based on the L4 implementation for the UNSW u4600 platform (which uses a MIPS R4x00 processor). Compiling and linking may differ on other platforms. This document supplements, rather than replaces, the L4 Reference Manual, and anyone intending to write applications on top of L4 should obtain the L4 Reference Manual. Permission to make digital/hard copy of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage, the copyright notice, the title of the publication and its date appear, and notice is given that copying is by permission of the authors. To copy otherwise, to republish, to post on servers, or to redistribute to lists requires prior specific permission and/or a fee

A Distributed-Object Infrastructure for Corporate Websites by

A corporate website is the virtual representation of a corporation or organization on the Internet. Corporate websites face numerous problems due to their large size and complexity, and the nonscalability of the underlying Web infrastructure. Current solutions to these problems generally rely on traditional scaling techniques such as caching and replication. These are usually too restrictive, however, taking a one-size-fits-all approach and applying the same solution to every document. We propose Globe as a foundation upon which to build scalable corporate websites, and introduce GlobeDoc, a website model based on Globe distributed shared objects. This paper describes GlobeDoc, highlighting the design and technical details of the infrastructure. 1

Extending the Capabilities of Component Models for Embedded Systems

Abstract. Component-based development helps to improve the modularity and reusability of embedded systems. Component models devised for embedded systems are typically restricted due to the limited computing, storage and power resources of the target systems. Most existing component models for embedded systems therefore only support a static component architecture and provide a simple and lightweight core. With the increasing demand for more feature-rich embedded systems these component architectures must be extended. In order to remain useful for the development of resource-restricted embedded systems, however, the extensions must be optional. Creating such extensions requires a cost-effective development process that can produce reusable, rather than application-specific, extensions. This necessitates a systematic approach to seamlessly integrate application specific requirements of the extension, the existing component model and the constraints of the computing environment. In this paper we propose a scenario-based architectural approach to extending the capabilities of the CAmkES component model. This approach is used to distil application specific requirements and computing constraints, summarise generic scenarios, drive the extension to the core CAmkES architecture. We illustrate our approach with a case study involving the addition of dynamic capabilities to CAmkES