An Engineering Process for Security Patterns Application in Component Based Models

Author

Bouaziz, Rafik ; Kallel, Slim ; Coulette, B.

Author_Institution

IRIT, Univ. of Toulouse, Toulouse, France

fYear

2013

fDate

17-20 June 2013

Firstpage

231

Lastpage

236

Abstract

Security engineering with patterns is currently a very active area of research. Security patterns - an adaptation of Design Patterns to security - capture experts´ experience in order to solve recurrent security problems in a structured and reusable way. In this paper, our objective is to describe an engineering process, called SCRIP (SeCurity patteRn Integration Process), which provides guidelines for integrating security patterns into component-based models. SCRIP defines activities and products to integrate security patterns in the whole development process, from UML component modeling until aspect code generation. The definition of SCRIP has been made using the OMG standard Software and System Process Engineering Meta-model (SPEM). We are developing a CASE tool to support that process.

Keywords

Unified Modeling Language; object-oriented programming; program compilers; security of data; CASE tool; OMG standard software; SCRIP; SPEM; UML component modeling; aspect code generation; component based models; component-based models; design patterns; engineering process; security engineering; security pattern integration process; security patterns application; system process engineering meta-model; Access control; Educational institutions; Global Positioning System; Software; Standards; Unified modeling language; Aspects; Component based systems; Process; SPEM; Security patterns;

fLanguage

English

Publisher

ieee

Conference_Titel

Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), 2013 IEEE 22nd International Workshop on

Conference_Location

Hammamet

ISSN

1524-4547

Print_ISBN

978-1-4799-0405-1

Type

conf

DOI

10.1109/WETICE.2013.27

Filename

6570618