109 research outputs found

    Picking battles: The impact of trust assumptions on the elaboration of security requirements

    This position paper describes work on trust assumptions in the context of security requirements. We show how trust assumptions can affect the scope of the analysis, derivation of security requirements, and in some cases how functionality is realized. An example shows how trust assumptions are used by a requirements engineer to help define and limit the scope of analysis and to document the decisions made during the process.

    Maintaining security requirements of software systems using evolving crosscutting dependencies

    Security requirements are concerned with protecting assets of a system from harm. Implemented as code aspects to weave protection mechanisms into the system, security requirements need to be validated when changes are made to the programs during system evolution. However, it was not clear for developers whether existing validation procedures such as test cases are sufficient for security and when the implemented aspects need to adapt. In this chapter, we propose an approach for detecting any change to the satisfaction of security requirements in three steps: (1) identify the asset variables in the systems that are only accessed by a join-point method; (2) trace these asset variables to identify both control and data dependencies between the non-aspect and aspect functions; and (3) update the test cases according to implementation of these dependencies to strengthen the protection when a change happens. These steps are illustrated by a case study of a meeting scheduling system where security is a critical concern.

    Idea-caution before exploitation: the use of cybersecurity domain knowledge to educate software engineers against software vulnerabilities

    The transfer of cybersecurity domain knowledge from security experts (‘Ethical Hackers’) to software engineers is discussed in terms of desirability and feasibility. Possible mechanisms for the transfer are critically examined. Software engineering methodologies do not make use of security domain knowledge in its form of vulnerability databases (e.g. CWE, CVE, Exploit DB), which are therefore not appropriate for this purpose. An approach based upon the improved use of pattern languages that encompasses security domain knowledge is proposed

    Toward Non-security Failures as a Predictor of Security Faults and Failures

    In the search for metrics that can predict the presence of vulnerabilities early in the software life cycle, there may be some benefit to choosing metrics from the non-security realm. We analyzed non-security and security failure data reported for the year 2007 of a Cisco software system. We used non-security failure reports as input variables into a classification and regression tree (CART) model to determine the probability that a component will have at least one vulnerability. Using CART, we ranked all of the system components in descending order of their probabilities and found that 57% of the vulnerable components were in the top nine percent of the total component ranking, but with a 48% false positive rate. The results indicate that non-security failures can be used as one of the input variables for security-related prediction models.

    Prochlo: Strong Privacy for Analytics in the Crowd

    The large-scale monitoring of computer users' software activities has become commonplace, e.g., for application telemetry, error reporting, or demographic profiling. This paper describes a principled systems architecture---Encode, Shuffle, Analyze (ESA)---for performing such monitoring with high utility while also protecting user privacy. The ESA design, and its Prochlo implementation, are informed by our practical experiences with an existing, large deployment of privacy-preserving software monitoring. (cont.; see the paper

    Effect of solubility on the release kinetics of water-soluble and water-insoluble drugs from an HPMC-based matrix system

    The purpose of the present research work was to observe the effects of drug solubility on the release kinetics of water soluble verapamil hydrochloride and insoluble aceclofenac from polymer based matrix formulations. Matrix formulations were prepared by the direct compression method. The formulations were evaluated for various physical parameters. Along with the dynamics of water uptake and erosion, SEM and in vitro drug release of tablets were studied. Applying an exponential equation, it was found that the kinetics of soluble drug release followed anomalous non-Fickian diffusion transport whereas insoluble drug showed zero-order release. SEM study showed pore formation on the tablet surface that differed depending on drug solubility. t-Test pointed to a significant difference in the amount of both drugs released due to their difference in solubility. Solubility of the drug affects the kinetics and the mechanism of drug release.