Model-driven Security and Privacy

Model-driven engineering (MDE) is a software development methodology that promotes the use of models during software development.

In this project we aim to provide MDE methodology and tools for buidling large and complex software systems that satisfy their security and privacy requirements by design. Our MDE methodology promotes security and privacy by design by integrating them into the software development process early - as models at the design phase. This facilitates precise documentation and automatic analysis of security and privacy policies. With the appropriate model transformations in place, we can additionally generate an enforcement mechanism that prevents executions not permitted by the modeled policy.
The generated enforcement mechanism is typically implemented as a collection of assertions at critical places in the application code. The assertions check if the policy is satisfied before each (possibly undesirable) action is executed.

An alternative to MDE (and its automatically generated enforcement mechanism) is to manually write the assertions in the application code. This is, unfortunately, the status quo in industry at the moment, and it is typically done ad-hoc resulting in the development of insecure systems. Writing the assertions correctly and then manually evolving them consistently as policies change is an extremely time-consuming and error-prone task. With the current (lack of) abstractions used by software engineers, it is extremely challenging and error-prone to build and maintain complex, secure, and privacy-preserving systems, and to certify that they comply with data protection regulation.
 

Project Members

  • Prof. Dr. David Basin
  • Dr. Srđan Krstić
  • François Hublet
  • Hoàng Nguyễn Phước Bảo
  • Prof. Dr. Manuel Clavel (Eastern International University)

Software

  • ActionGUI is a tool for model-driven development of secure-by-design web appllications.
  • external page Databank is a tool that automatically enforces information-flow privacy policies expressed in a metric first-order temporal logic (MFOTL).
  • EnfPoly is an extension of MonPoly monitoring tool that enforces MFOTL policies.

Publications

JavaScript has been disabled in your browser