Existing certification schemes implement continuous verification techniques aiming to prove non-functional (e.g., security) properties of software systems over time. These schemes provide different re-certification techniques for managing the certificate life cycle, though their strong assumptions make them ineffective against modern service-based distributed systems. Re-certification techniques are in fact built on static system models, which do not properly represent the system evolution, and on static detection of system changes, which results in an inaccurate planning of re-certification activities. In this paper, we propose a continuous certification scheme that departs from a static certificate life cycle management and provides a dynamic approach built on the modeling of the system behavior that reduces the amount of unnecessary re-certification. The quality of the proposed scheme is experimentally evaluated using an ad hoc dataset built on publicly-available datasets.
Continuous Certification of Non-functional Properties Across System Changes / M. Anisetti, C.A. Ardagna, N. Bena (LECTURE NOTES IN COMPUTER SCIENCE). - In: Service-Oriented Computing. Part 1 / [a cura di] F. Monti, S. Rinderle-Ma, A. Ruiz Cortés, Z. Zheng, M. Mecella. - [s.l] : Springer, 2023. - ISBN 978-3-031-48420-9. - pp. 3-18 (( Intervento presentato al 21. convegno International Conference on Service-Oriented Computing tenutosi a Roma nel 2023 [10.1007/978-3-031-48421-6_1].
Continuous Certification of Non-functional Properties Across System Changes
M. AnisettiPrimo
;C.A. ArdagnaSecondo
;N. BenaUltimo
2023
Abstract
Existing certification schemes implement continuous verification techniques aiming to prove non-functional (e.g., security) properties of software systems over time. These schemes provide different re-certification techniques for managing the certificate life cycle, though their strong assumptions make them ineffective against modern service-based distributed systems. Re-certification techniques are in fact built on static system models, which do not properly represent the system evolution, and on static detection of system changes, which results in an inaccurate planning of re-certification activities. In this paper, we propose a continuous certification scheme that departs from a static certificate life cycle management and provides a dynamic approach built on the modeling of the system behavior that reduces the amount of unnecessary re-certification. The quality of the proposed scheme is experimentally evaluated using an ad hoc dataset built on publicly-available datasets.File | Dimensione | Formato | |
---|---|---|---|
AAB.ICSOC2023.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
508.06 kB
Formato
Adobe PDF
|
508.06 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
AAB.ICSOC2023.pdf
accesso riservato
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
667.45 kB
Formato
Adobe PDF
|
667.45 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.