Publications
A Tool-Supported Method for the Design and Implementation of Secure Distributed Applications
Linda Ariani Gunawan, Frank Alexander Kraemer and Peter Herrmann
Third International Symposium on Engineering Secure Software and Systems (ESSoS), 2011. Lecture Notes in Computer Science, 2011, Volume 6542, Springer.
DOI,
BibTeX
Abstract
We describe a highly automated and tool-supported method for the correct integration of security mechanisms into distributed applications. Security functions to establish and release secure connections are provided as self-contained, collaborative building blocks specifying the behavior of several parties. For the security mechanisms to be effective, the application-specific model needs to fulfill certain behavioral properties, for instance, a consistent start and termination. We identify these properties and show how they lead to correct secured applications.
Modeling a Distributed Intrusion Detection System Using Collaborative Building Blocks
Linda Ariani Gunawan, Michael Vogel, Frank Alexander Kraemer, Sebastian Schmerl, Vidar Slå̊tten, Peter Herrmann and Hartmut Kö̈nig
Third IEEE International Workshop UML and Formal Methods. ACM SIGSOFT Software Engineering Notes, Volume 36 Number 1, January 2011. ACM.
DOI,
BibTeX
Abstract
Abstract Developing complex distributed systems is a non-trivial task. It is even more difficult when the systems need to dynamically reconfigure the distributed functionalities or tasks. Not only do we need to deal with the application-specific functionalities that are intricate, but we also have to handle the complex logic of coordinating the distribution and relocation of tasks. In this paper, we model an intrusion detection system that distributes its analysis units to a number of hosts and assigns fine-grained analysis tasks to these hosts in order to cope with the rapid increase of audit data from today's IT systems. The system is further capable to react to overload situations and to shift tasks to other hosts. To develop this complex system, we apply the model-based engineering method SPACE. In particular, we show that the collaborative specification style of the method can significantly reduce the development effort. Also, the formal semantics of SPACE ensures the correctness of important design properties.
Towards the Integration of Security Aspects into System Development Using Collaboration-Oriented Models
Linda Ariani Gunawan, Frank Alexander Kraemer and Peter Herrmann
International Conference on Security Technology (SecTech 2009), published in Communications in Computer and Information Science, Volume 58, p. 72-85, 2009. Springer.
DOI,
BibTeX
Abstract
Security, as an important feature of system design, should be taken into account early in the development of systems. We propose an extension of the SPACE engineering method in order to integrate security aspects into the system design and implementation phases. The integration of security mechanisms is facilitated by collaborations. Functional system specifications are represented by collaboration-oriented models which describe functionalities reaching over different physical components in one model. Countermeasures are also modeled by collaborations since security mechanisms are often collaborative structures themselves. Our approach includes an asset-oriented security analysis on the collaboration-oriented models in order to determine the level of protection needed. We illustrate our approach by the example of an e-sale system.
Older Publications
- Cecilia Esti Nugraheni, Linda Ariani Gunawan, “Spesifikasi dan Verifikasi Bounded Retransmission Protocol secara Formal dengan Temporal Logic of Actions ”, Published in National Journal of Computer Science vol. 6 no. 3, September 2008.
- Linda Ariani Gunawan, Cecilia Esti Nugraheni, “Formal Protocol Specification with TLA+, Case Study: Bounded Retransmission Protocol”, Published in Proceeding of IC-TEL (Indonesian Conference on Telecommunication), 20-22 September 2006, Bandung, Indonesia.
- A.A. Iskandar, Suprijadi, W. Sutrisno, J.V. Sulungbudi, Lusi, Lionov, Linda Ariani Gunawan, “Development of Web-Based Remote Access Higher Level Physics Experiments”, Published in Conference Proceeding of SEAAIR (South East Asian Association for Institutional Research) 2006, 5-7 September 2006, Langkawi, Malaysia.
- Linda Ariani Gunawan, “Mapping UML Class and UML Attribute onto XML Schemas using UML Profile”, Published in National Jurnal Integral vol. 9 no. 2, July 2004.