Advances in the Acquisition of Secure Systems Based on Open Architectures

Abstract

The role of software ecosystems in the development and evolution of secure open architecture systems has received insufficient consideration. Such systems are composed of software components subject to different security requirements in an architecture in which evolution can occur by evolving existing components or by replacing them. But this may result in possible security requirements conflicts and organizational liability for failure to fulfill security obligations. We have developed an approach for understanding and modeling software security requirements as "security licenses," as well as for analyzing conflicts among groups of such licenses in realistic system contexts and for guiding the acquisition, integration, or development of systems with open source components in such an environment. Consequently, this paper reports on our efforts to extend our existing approach to specifying and analyzing software intellectual property licenses to now address software security licenses that can be associated with secure OA systems.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 30, 2011
Accession Number
ADA543839

Entities

People

  • Thomas Alspaugh
  • Walt Scacchi

Organizations

  • University of California, Irvine

Tags

Communities of Interest

  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Acquisition
  • Air Force
  • Application Software
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Digital Toolbox
  • Information Systems
  • Intellectual Property
  • Internet
  • Law
  • Operating Systems
  • Systems Engineering
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science
  • Engineering

Readers

  • Software Engineering.
  • Strategic Security Studies