Security is a very important concern for software architecture and software components. Previous modeling approaches provide insufficient support for an in-depth treatment of security. This paper argues for a more comprehensive treatment based on software connectors. Connectors provide a suitable vehicle to model, capture, and enforce security. Our approach models security principal, privilege, trust, and context of architectural constituents. Extending our existing architecture description language and support tools, our approach can facilitate describing the security characteristics of an architecture generating enabling infrastructure, and monitoring run-time conformance. Initial results of applying this approach are illustrated through a case study. The contribution of this research is a deeper and more comprehensive treatment of architectural security through software connectors.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Robert Allen , David Garlan, A formal basis for architectural connection, ACM Transactions on Software Engineering and Methodology (TOSEM), v.6 n.3, p.213-249, July 1997  [doi>10.1145/258077.258078]
	2	S. M. Bellovin, Security problems in the TCP/IP protocol suite, ACM SIGCOMM Computer Communication Review, v.19 n.2, p.32-48, April 1, 1989  [doi>10.1145/378444.378449]
	3	Hal Berghel, The Code Red Worm, Communications of the ACM, v.44 n.12, December 2001  [doi>10.1145/501327.501328]
	4	Christophe Bidan , Valérie Issarny, Security Benefits from Software Architecture, Proceedings of the Second International Conference on Coordination Languages and Models, p.64-80, September 01-03, 1997
	5	Stephanie Bodoff , Eric Armstrong , Jennifer Ball , Debbie Bode Carson, The J2EE Tutorial, Second Edition, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2004
	6	Clemm, G., Reschke, J., Sedlar, E., and Whitehead, J., Web Distributed Authoring and Versioning (Webdav) Access Control Protocol. RFC 3744, 2004.
	7	Cuesta, C. E., Romay, M. P., Fuente, P. D. L., and Barrio-Solorzano, M. Reflection-Based, Aspect-Oriented Software Architecture. in Proceedings of 1st European Workshop on Software Architecture, p.43--56, 2004.
	8	Eric M. Dashofy , André van der Hoek , Richard N. Taylor, An infrastructure for the rapid development of XML-based architecture description languages, Proceedings of the 24th International Conference on Software Engineering, May 19-25, 2002, Orlando, Florida  [doi>10.1145/581339.581374]
	9	Robert DeLine, Avoiding Packaging Mismatch with Flexible Packaging, IEEE Transactions on Software Engineering, v.27 n.2, p.124-143, February 2001  [doi>10.1109/32.908958]
	10	Yi Deng , Jiacun Wang , Jeffrey J. P. Tsai , Konstantin Beznosov, An Approach for Modeling and Analysis of Security System Architectures, IEEE Transactions on Knowledge and Data Engineering, v.15 n.5, p.1099-1119, September 2003  [doi>10.1109/TKDE.2003.1232267]
	11	Rogério de Paula , Xianghua Ding , Paul Dourish , Kari Nies , Ben Pillet , David F. Redmiles , Jie Ren , Jennifer A. Rode , Roberto Silva Filho, In the eye of the beholder: a visualization-based approach to information system security, International Journal of Human-Computer Studies, v.63 n.1-2, p.5-24, July 2005  [doi>10.1016/j.ijhcs.2005.04.021]
	12	Stéphane Ducasse , Tamar Richner, Executable connectors: towards reusable design elements, Proceedings of the 6th European conference held jointly with the 5th ACM SIGSOFT international symposium on Foundations of software engineering, p.483-499, September 22-25, 1997, Zurich, Switzerland
	13	Roberto S. Silva Filho , Cleidson R. B. de Souza , David F. Redmiles, The design of a configurable, extensible and dynamic notification service, Proceedings of the 2nd international workshop on Distributed event-based systems, June 08-08, 2003, San Diego, California  [doi>10.1145/966618.966633]
	14	France, R., Ray, I., Georg, G., and Ghosh, S., Aspect-Oriented Approach to Early Design Modelling. IEE Proceedings-Software, 2004. 151(4): p. 173--185.
	15	Jan Jürjens, UMLsec: Extending UML for Secure Systems Development, Proceedings of the 5th International Conference on The Unified Modeling Language, p.412-425, September 30-October 04, 2002
	16	Mika Katara , Shmuel Katz, Architectural views of aspects, Proceedings of the 2nd international conference on Aspect-oriented software development, p.1-10, March 17-21, 2003, Boston, Massachusetts  [doi>10.1145/643603.643604]
	17	Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973  [doi>10.1145/362375.362389]
	18	Torsten Lodderstedt , David A. Basin , Jürgen Doser, SecureUML: A UML-Based Modeling Language for Model-Driven Security, Proceedings of the 5th International Conference on The Unified Modeling Language, p.426-441, September 30-October 04, 2002
	19	Antónia Lopes , Michel Wermelinger , José Luiz Fiadeiro, Higher-order architectural connectors, ACM Transactions on Software Engineering and Methodology (TOSEM), v.12 n.1, p.64-104, January 2003  [doi>10.1145/839268.839272]
	20	Jeff Magee , Jeff Kramer, Dynamic structure in software architectures, Proceedings of the 4th ACM SIGSOFT symposium on Foundations of software engineering, p.3-14, October 16-18, 1996, San Francisco, California, United States
	21	Nenad Medvidovic , Richard N. Taylor, A Classification and Comparison Framework for Software Architecture Description Languages, IEEE Transactions on Software Engineering, v.26 n.1, p.70-93, January 2000  [doi>10.1109/32.825767]
	22	Nikunj R. Mehta , Nenad Medvidovic , Sandeep Phadke, Towards a taxonomy of software connectors, Proceedings of the 22nd international conference on Software engineering, p.178-187, June 04-11, 2000, Limerick, Ireland  [doi>10.1145/337180.337201]
	23	M. Moriconi , Xiaolei Qian , R. A. Riemenschneider , Li Gong, Secure software architectures, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.84, May 04-07, 1997
	24	Ray, I., France, R., Li, N., and Georg, G., An Aspect-Based Approach to Modeling Access Control Concerns. Information and Software Technology, 2004. 46(9): p. 575--587.
	25	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
	26	Bridget Spitznagel , David Garlan, A Compositional Approach for Constructing Connectors, Proceedings of the Working IEEE/IFIP Conference on Software Architecture (WICSA'01), p.148, August 28-31, 2001  [doi>10.1109/WICSA.2001.948424]
	27	Sun, W. and Dai, Z. Aosam: A Formal Framework for Aspect-Oriented Software Architecture Specifications. in Proceedings of The 8th IASTED International Conference on Software Engineering and Applications, 2004.
	28	Francesco Tisato , Andrea Savigni , Walter Cazzola , Andrea Sosio, Architectural Reflection: Realising Software Architectures via Reflective Activities, Revised Papers from the Second International Workshop on Engineering Distributed Objects, p.102-115, November 02-03, 2000
	29	Wing, J. M., A Call to Action: Look Beyond the Horizon. Security & Privacy Magazine, IEEE, 2003. 1(6): p. 62--67.
	30	Winslett, M. An Introduction to Trust Negotiation. in Proceedings of 1st International Conference on Trust Management, p.275--283, 2003.

• ACM SIGSOFT Software Engineering Notes
  Volume 30 ,  Issue 4   July 2005