An Architectural Foundation for Security Model Sharing and Reuse

Author

Meland, Per Hakon ; Ardi, Shanai ; Jensen, Jostein ; Rios, Erkuden ; Sanchez, Txus ; Shahmehri, Nahid ; Tondel, Inger Anne

Author_Institution

SINTEF ICT, Software Eng., Safety & Security, Trondheim

fYear

2009

fDate

16-19 March 2009

Firstpage

823

Lastpage

828

Abstract

Within the field of software security we have yet to find efficient ways on how to learn from past mistakes and integrate security as a natural part of software development. This situation can be improved by using an online repository, the SHIELDS SVRS, that facilitates fast and easy interchange of security artefacts between security experts, software developers and their assisting tools. Such security artefacts are embedded in or represented as security models containing the needed information to detect, remove and prevent vulnerabilities in software, independent of the applied development process. The purpose of this paper is to explain the main reference architecture description of the repository and the more general tool stereotypes that can communicate with it.

Keywords

security of data; software architecture; software reusability; SHIELDS SVRS; architectural foundation; online repository; security model reuse; security model sharing; security vulnerability repository service; software development; software security; vulnerability detection; vulnerability prevention; vulnerability removal; Collaborative software; Computer security; Costs; Embedded software; Europe; Information security; Programming; Software reusability; Software safety; Software tools; architecture; security modelling; sharing security knowledge; software security;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security, 2009. ARES '09. International Conference on

Conference_Location

Fukuoka

Print_ISBN

978-1-4244-3572-2

Electronic_ISBN

978-0-7695-3564-7

Type

conf

DOI

10.1109/ARES.2009.110

Filename

5066571