Towards Developing Secure Software Using Problem-Oriented Security Patterns

Abstract : Security as one essential quality requirement has to be addressed during the software development process. Quality requirements such as security drive the architecture of a software, while design decisions such as security patterns on the architecture level in turn might constrain the achievement of quality requirements significantly. Thus, to obtain sound architectures and correct requirements, knowledge which is gained in the solution space, for example from security patterns, should be reflected in the requirements engineering. In this paper, we propose an iterative method that takes into account the concurrent development of requirements and architecture descriptions systematically. It reuses security patterns for refining and restructuring the requirement models by applying problem-oriented security patterns. Problem-oriented security patterns adapt existing security patterns in a way that they can be used in the problem-oriented requirements engineering. The proposed method bridges the gap between security problems and security architectural solutions.
Type de document :
Communication dans un congrès
Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.45-62, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_4〉
Liste complète des métadonnées

Littérature citée [25 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01403985
Contributeur : Hal Ifip <>
Soumis le : lundi 28 novembre 2016 - 11:22:39
Dernière modification le : mardi 20 mars 2018 - 14:48:32
Document(s) archivé(s) le : lundi 20 mars 2017 - 20:11:20

Fichier

978-3-319-10975-6_4_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Azadeh Alebrahim, Maritta Heisel. Towards Developing Secure Software Using Problem-Oriented Security Patterns. Stephanie Teufel; Tjoa A Min; Ilsun You; Edgar Weippl. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Sep 2014, Fribourg, Switzerland. Springer, Lecture Notes in Computer Science, LNCS-8708, pp.45-62, 2014, Availability, Reliability, and Security in Information Systems. 〈10.1007/978-3-319-10975-6_4〉. 〈hal-01403985〉

Partager

Métriques

Consultations de la notice

51

Téléchargements de fichiers

45