Title :
Do Security Patterns Really Help Designers?
Author :
Yskout, Koen ; Scandariato, Riccardo ; Joosen, Wouter
Author_Institution :
iMinds-DistriNet, KU Leuven, Leuven, Belgium
Abstract :
Security patterns are well-known solutions to security-specific problems. They are often claimed to benefit designers without much security expertise. We have performed an empirical study to investigate whether the usage of security patterns by such an audience leads to a more secure design, or to an increased productivity of the designers. Our study involved 32 teams of master students enrolled in a course on software architecture, working on the design of a realistically-sized banking system. Irrespective of whether the teams were using security patterns, we have not been able to detect a difference between the two treatment groups. However, the teams prefer to work with the support of security patterns.
Keywords :
security of data; software architecture; realistically-sized banking system; security pattern; software architecture; software design; Banking; Context; IEEE catalogs; Productivity; Security; Software; Training;
Conference_Titel :
Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on
Conference_Location :
Florence
DOI :
10.1109/ICSE.2015.49
