Trustworthy Systems

Building high assurance secure applications using security patterns for capability-based platforms


Paul Rimba




Building high assurance secure applications requires the proper use of security mechanisms and assurances provided by the underlying secure platform. However, applications are often built using security patterns and best practices that are agnostic with respect to the intricate specifics of the different underlying platforms. This independence from the underlying platform leaves a gap between security patterns and underlying secure platforms. In this PhD research abstract, we propose a novel approach to bridge this gap. Specifically, we propose reusable platform-specific designs for security patterns using platform-specific design strategies and primitives. The focus is on single-machine systems that can be formally verified to provide desired system-wide security properties. We also discuss assumptions and levels of assurance for these reusable designs and their use in the verification of application designs.

BibTeX Entry

    month            = may,
    keywords         = {security patterns, assurance, capability, platform, whole system.},
    paperurl         = {},
    booktitle        = {International Conference on Software Engineering},
    author           = {Rimba, Paul},
    year             = {2013},
    pages            = {4},
    title            = {Building High Assurance Secure Applications using Security Patterns for Capability-based Platforms},
    address          = {San Francisco, USA}