Towards Developing Secure Software Using Problem-Oriented Security Patterns

Abstract : Security as one essential quality requirement has to be addressed during the software development process. Quality requirements such as security drive the architecture of a software, while design decisions such as security patterns on the architecture level in turn might constrain the achievement of quality requirements significantly. Thus, to obtain sound architectures and correct requirements, knowledge which is gained in the solution space, for example from security patterns, should be reflected in the requirements engineering. In this paper, we propose an iterative method that takes into account the concurrent development of requirements and architecture descriptions systematically. It reuses security patterns for refining and restructuring the requirement models by applying problem-oriented security patterns. Problem-oriented security patterns adapt existing security patterns in a way that they can be used in the problem-oriented requirements engineering. The proposed method bridges the gap between security problems and security architectural solutions.
Complete list of metadatas

Cited literature [25 references]  Display  Hide  Download

https://hal.inria.fr/hal-01403985
Contributor : Hal Ifip <>
Submitted on : Monday, November 28, 2016 - 11:22:39 AM
Last modification on : Tuesday, March 20, 2018 - 2:48:32 PM
Long-term archiving on : Monday, March 20, 2017 - 8:11:20 PM

File

978-3-319-10975-6_4_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Azadeh Alebrahim, Maritta Heisel. Towards Developing Secure Software Using Problem-Oriented Security Patterns. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. pp.45-62, ⟨10.1007/978-3-319-10975-6_4⟩. ⟨hal-01403985⟩

Share

Metrics

Record views

101

Files downloads

201