Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ https://lirias.kuleu...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
https://doi.org/10.1109/secdev...
Article . 2018 . Peer-reviewed
Data sources: Crossref
DBLP
Conference object
Data sources: DBLP
versions View all 3 versions
addClaim

A Lingua Franca for Security by Design

Authors: Alexander van Den Berghe; Koen Yskout; Riccardo Scandariato; Wouter Joosen;

A Lingua Franca for Security by Design

Abstract

The principle of security by design is advocated by academia as well as industry. Unfortunately, its adoption in practice is not yet widespread. We believe a reason for this is the lack of a 'lingua franca' for security modelling. Such a language should support security specialists to precisely describe the security aspects in a software design, as well as simultaneously serve to communicate with a broader audience of stakeholders. For this paper, we have assessed how well a formally backed security modelling language we previously proposed, suits the needs of the needs of these two groups. Concretely, we report on a large user study investigating how well security novices are able to comprehend the foundations of our language. Furthermore, to assess our language's practicality, we show how it can be used to create a realistic model of authentication. We have found that our language's foundations are comprehensible to a broader audience and they allow to precisely model a design's security aspects, albeit some shortcomings requiring attention have been identified. Based on these findings, we believe that a precise yet comprehensible security by design lingua franca is within reach.

Country
Germany
Related Organizations
Keywords

User study, Security by design, Modelling language, Evaluation

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    1
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
1
Average
Average
Average