Title :
A scenario-based framework for the security evaluation of software architecture
Author :
Alkussayer, Abdulaziz ; Allen, William H.
Author_Institution :
Dept. of Comput. Sci., Florida Inst. of Technol., Melbourne, FL, USA
Abstract :
Software security has become a crucial component of software systems in today´s market. However, software security development is still a maturing process. In this paper, we present an approach for assessing software architecture to determine how well it can satisfy intended security requirements. It is important to be able to assess the security of software under development at an early stage (e.g., the design stage). By doing so we are not only reducing the probability that flaws will be introduced and ensuring that stakeholder requirements have been met, but also focusing on a stage where changes will cost just a fraction of what they would cost in later stages (e.g. implementation). This paper reports on the ongoing development of a systematic security evaluation framework that aids in assessing the level of security supported by a given architecture and provides the ability to qualitatively compare multiple architectures with respect to their security support.
Keywords :
security of data; software architecture; scenario-based framework; software architecture; software security development; stakeholder requirements; systematic security evaluation framework; Computer architecture; Logic gates; Security; Software; Variable speed drives; Scenario-Based Evaluation; Secure Software; Software Architecture; Software Engineering;
Conference_Titel :
Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5537-9
DOI :
10.1109/ICCSIT.2010.5564015