Article Details

Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

A Generic Model for Assessing Multilevel Security-Critical Object-Oriented Programs

Author 1: Bandar M. Alshammari

Download PDF

Digital Object Identifier (DOI) : 10.14569/IJACSA.2016.071154

Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 7 Issue 11, 2016.

Abstract: The most promising approach for developing secure systems is the one which allows software developers to assess and compare the relative security of their programs based on their designs. Thereby, software metrics provide an easy approach for evaluating the security of certain object-oriented designs. They can also measure the impact on security that caused by modifications to existing programs. However, most studies in this area focus on a binary classification of data, either is classified or unclassified. In fact, there are other models with other classifications of data, for instance, the common model used by Defense departments that classifies data into four security levels. However, these various classifications have received little attention in terms of measuring their effect. This paper introduces a model for measuring information flow of security-critical data within a certain object-oriented program with multilevel classification of its security-critical data. It defines a set of object-oriented security metrics which are capable of assessing the security of a given program’s design from the point of view of potential information flow. These metrics can be used to compare the security of programs or assess the effect of program modifications on security. Specifically, this paper proposes a generic model that consists of several security metrics to measure the relative security of object-oriented designs with respect to design quality properties of accessibility, cohesion, coupling, and design size.

Keywords: Multilevel Security Models; Object-Orientation; Se-curity Metrics; Security Matrix; Unified Model Language

Bandar M. Alshammari, “A Generic Model for Assessing Multilevel Security-Critical Object-Oriented Programs” International Journal of Advanced Computer Science and Applications(IJACSA), 7(11), 2016. http://dx.doi.org/10.14569/IJACSA.2016.071154

@article{Alshammari2016,
title = {A Generic Model for Assessing Multilevel Security-Critical Object-Oriented Programs},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2016.071154},
url = {http://dx.doi.org/10.14569/IJACSA.2016.071154},
year = {2016},
publisher = {The Science and Information Organization},
volume = {7},
number = {11},
author = {Bandar M. Alshammari}
}

IJACSA

Upcoming Conferences

IntelliSys 2021

2-3 September 2021

Future Technologies Conference (FTC) 2021

28-29 October 2021

Future of Information and Communication Conference (FICC) 2022

3-4 March 2022

Computing Conference 2022

14-15 July 2022