Title :
Does organizing security patterns focus architectural choices?
Author :
Skout, Koen ; Scandariato, Riccardo ; Joosen, Wouter
Author_Institution :
IBBT-DistriNet, KU Leuven, Heverlee, Belgium
Abstract :
Security patterns can be a valuable vehicle to design secure software. Several proposals have been advanced to improve the usability of security patterns. They often describe extra annotations to be included in the pattern documentation. This paper presents an empirical study that validates whether those proposals provide any real benefit for software architects. A controlled experiment has been executed with 90 master students, who have performed several design tasks involving the hardening of a software architecture via security patterns. The results show that annotations produce benefits in terms of a reduced number of alternatives that need to be considered during the selection of a suitable pattern. However, they do not reduce the time spent in the selection process.
Keywords :
design engineering; security of data; software architecture; architectural choices; pattern documentation; security pattern organization; security pattern usability; selection process; software architecture; software security design; Catalogs; Computer architecture; Context; Proposals; Security; Software; Software architecture; experiment; secure software engineering; security patterns; software architecture;
Conference_Titel :
Software Engineering (ICSE), 2012 34th International Conference on
Conference_Location :
Zurich
Print_ISBN :
978-1-4673-1066-6
Electronic_ISBN :
0270-5257
DOI :
10.1109/ICSE.2012.6227155
