Evolution of a Secure Voice Communication System

Examensarbete för masterexamen
Master Thesis
Software engineering and technology (MPSOF), MSc
Sundin, Gustav
In order to maintain a system’s security properties during evolution, it is important to follow a principled way of evolution. Doing so will decrease both the time needed to be spent on evolution as well as the number of security risks and other errors that might arise during the process. One such principled way of evolution is to use change patterns. A change pattern always covers the evolution of two closely intertwined artifacts on different levels of abstraction (such as requirements and software architecture), and gives a principled way of evolving one of the artifacts based on the changes made to the other. In this master’s thesis, a VoIP system known as Cryptify Call is evolved with the purpose of identifying at least one such change pattern. The goal of the thesis is more specifically to find a general solution on how to evolve a system from secure one-to-one into secure many-to-many communication, without violating any of the system’s security requirements along the way. Two alternative solutions to this problem are identified for the Cryptify Call system, which are then expressed as abstract and context-free change patterns. This ensures that the identified solutions are applicable not only to the Cryptify Call system or other VoIP applications, but to any type of system with a suitable software architecture. Both of the identified change patterns cover how the system’s software architecture has to evolve due to changes made to the system’s functional requirements. In order to identify these change patterns, the Cryptify Call system’s software architecture and security requirements had to be modeled using UML and SI* notation respectively, both before and after evolution. The most important roles in the software architecture for each of the solutions were then mapped to a template showing the architectural-level transformation necessary to apply that change pattern. While two alternative change patterns are given in the thesis, only one of them was actually implemented in the Cryptify Call system.
Data- och informationsvetenskap , Computer and Information Science
Arkitekt (konstruktör)
Geografisk plats
Byggnad (typ)
Teknik / material