• DocumentCode
    1566710
  • Title
    Using Security Patterns to Combine Security Metrics
  • Author
    Heyman, Thomas ; Scandariato, Riccardo ; Huygens, Christophe ; Joosen, Wouter
  • Author_Institution
    Dept. of Comput. Sci., DistriNet, Leuven
  • fYear
    2008
  • Firstpage
    1156
  • Lastpage
    1163
  • Abstract
    Measuring security is an important step in creating and deploying secure applications. In order to efficiently measure the level of security that an application provides, three problems need to be solved: obviously metrics need to be available, a suitable metrics framework needs to be chosen and implemented, and the resulting measurements need to be interpreted. This work focuses on the second and third problem. We propose an approach to facilitate the selection and integration of appropriate security metrics, and to support the aggregation and interpretation of measurements. Our approach associates security metrics to security patterns, and we exploit the relationships between security patterns and security objectives to enable the interpretation of measurements. The approach is illustrated in a case study.
  • Keywords
    security of data; software metrics; measurement interpretation; security metrics; security patterns; software security; Application software; Authentication; Availability; Computer science; Computer security; Measurement units; Runtime; Software design; Software engineering; Software packages; Security metrics; security patterns;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
  • Conference_Location
    Barcelona
  • Print_ISBN
    978-0-7695-3102-1
  • Type
    conf
  • DOI
    10.1109/ARES.2008.54
  • Filename
    4529474