SoSPa: A system of Security design Patterns for systematically engineering secure systems
SoSPa: A system of Security design Patterns for systematically engineering secure systems
Model-Driven Security (MDS) for secure systems development still has limitations to be more applicable in practice. A recent systematic review of MDS shows that current MDS approaches have not dealt with multiple security concerns systematically. Besides, catalogs of security patterns which can address multiple security concerns have not been applied efficiently. This paper presents an MDS approach based on a unified System of Security design Patterns (SoSPa). In SoSPa, security design patterns are collected, specified as reusable aspect models to form a coherent system of them that guides developers in systematically addressing multiple security concerns. SoSPa consists of not only interrelated security design patterns but also a refinement process towards their application. We applied SoSPa to design the security of crisis management systems. The result shows that multiple security concerns in the case study have been addressed by systematically integrating different security solutions.
- KU Leuven Belgium
- University of Luxembourg Luxembourg
- Simula Research Laboratory Norway
- Katholieke Universiteit Leuven Belgium
- University of Gothenburg Sweden
: Computer science [C05] [Engineering, computing & technology], Technology, Authentication, Science & Technology, security design, Crisis management, Engineering, Electrical & Electronic, Permission, Random access memory, : Sciences informatiques [C05] [Ingénierie, informatique & technologie], Computer Science, Software Engineering, model-driven security, Engineering, System analysis and design, Computer Science, Authorization, security patterns
: Computer science [C05] [Engineering, computing & technology], Technology, Authentication, Science & Technology, security design, Crisis management, Engineering, Electrical & Electronic, Permission, Random access memory, : Sciences informatiques [C05] [Ingénierie, informatique & technologie], Computer Science, Software Engineering, model-driven security, Engineering, System analysis and design, Computer Science, Authorization, security patterns
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).10 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Top 10% impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!