CCE Theses and Dissertations

Campus Access Only

All rights reserved. This publication is intended for use solely by faculty, students, and staff of Nova Southeastern University. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, now known or later developed, including but not limited to photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the author or the publisher.

Date of Award

2013

Document Type

Dissertation - NSU Access Only

Degree Name

Doctor of Philosophy in Computer Information Systems (DCIS)

Department

Graduate School of Computer and Information Sciences

Advisor

Frank Mitropoulos

Committee Member

Eric S Ackerman

Committee Member

Gregory L Simco

Keywords

AOP, AspectJ, attack graph, FOSS, RBAC, security

Abstract

While Role Based Access Control (RBAC) has been a popular topic of research over the last several years, there are some gaps in the literature that have been waiting to be addressed. One of these gaps involves the application of RBAC to free and open source software (FOSS). With the prevalence of FOSS in most information systems growing rapidly, there is a need to be able to provide a level of confidence that the software will not compromise the data integrity of an environment, nor will it enable the violation of established access controls. Additionally, when utilizing FOSS it is desirable to do so without having to modify its source code whenever an update is released in order to maintain a secure environment; this makes adding proprietary modules both time consuming and expensive. The challenges involved in maintaining proprietary changes to FOSS generate a particular interest in an RBAC environment that could be deployed without requiring modification to the source code. Developing this type of framework presented a significant challenge because the software had been established prior to the definition of any security requirements that would have to be applied by the proposed framework.

This research presents the results of developing a software framework that allowed security requirements engineering to meld seamlessly with an application after it had already been developed. The framework provided a mechanism to measurably reduce the attack surface of the application against which it was implemented, without requiring alterations to the application's source code. Additionally, this research introduced a mechanism that was utilized to measure the effectiveness of the framework. This mechanism provided a means of comparing the relative effectiveness of different frameworks against the same software, as well as the effectiveness of a framework against different pieces of software.

To access this thesis/dissertation you must have a valid nova.edu OR mynsu.nova.edu email address and create an account for NSUWorks.
