Navigation

• Education
  • International programmes
  • Faculties
  • ECTS
  • Vision and policy
• Research
  • Research at KU Leuven
  • Support and funding
  • Industry and Society
  • Phd
  • Postdoc researcher
  • Output and impact
  • Networking
  • Vision and policy
• Admissions
  • How to apply
  • Scholarships
  • Degree seeking students
  • Non-degree seeking students
  • Doctoral students
  • Reseachers
  • Short term study visits
  • Prepare your stay
• Living in Leuven
  • Welcome activities
  • News and agenda
  • Student Services
  • Housing
  • Insurance
  • Sports and culture
  • Student organisations
• About KU Leuven
  • Mission statement
  • Facts and figures
  • International networks
  • Development Cooperation
  • Academic Calendar
  • Alumni
  • Fundraising
  • Services and support
  • Boards and councils
  • News and press
  • Jobs

Home > Publications > Reports > Informatics (CW)

CW 575

Koen Buyens, Riccardo Scandariato, Wouter Joosen
Automated detection and resolution of least privilege violations in software architectures

Abstract

Supporting security principles, like least privilege, in a software architecture is difficult due to the lack of both a sound theory and effective secure software engineering practices. As a result, principles are often neglected by practitioners, resulting in potentially high risk threats to systems.

This paper improves the understanding and the support for least privilege in software architectures by (i) defining the foundations to identify potential violations of the principle herein and (ii) providing architectural transformations that can be used to improve the security properties of an architecture, in an automated way. These results have been implemented and validated in a case study.

report.pdf (583K) / mailto: K. Buyens