Implementation Support of Security Design Patterns Using Test Templates

Yoshizawa, Masatoshi; Washizaki, Hironori; Fukazawa, Yoshiaki; Okubo, Takao; Kaiya, Haruhiko; Yoshioka, Nobukazu

doi:10.3390/info7020034

Cited by 10 publications

(4 citation statements)

References 28 publications

(33 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In literature, selection and application of security patterns for security requirements of IoT does not have empirical methodology. The limitation in [21] may overcome i.e Object Constraint Language (OCL) may not necessary to prepare Decision Table and pointcut advice Model (Aspect Programming) to understand the pattern internal processing. Instead of OCL, we can use Misuse case extension to prepare decision table and Pointcut Advice pair model.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Development of IoT Health Monitor System using Security Patterns

Aruna¹,

Reddy²,

Sunitha³

2020

IJEAT

View full text Add to dashboard Cite

Context: The most important non-functional requirement of the software application is the security. Developing Secure Software is a challenging Process. Software vulnerabilities and defects may disclose by developers, users, hackers due to Software-intensive systems get connected more and more in every day’s lives. A better way to develop secure software is, enhance security processes in all the phases in SDLC. To enhance security in SDLC process required lots of mechanisms and systematic measures to assess the security during the development process. Objective: In this paper, we propose a method “Security aware-Software Development Life Cycle (Sa-SDLC) using Security Patterns”. We also measure our security efforts in SDLC. This method fills the insecurity gaps from root level to top level in Granular style approach. Our method is suggestible for security critical applications such as Medical, Finance, Legacy and Communication (Messaging like email) Systems. Results: we successfully implemented our approach on remote health monitor since IoT devices are convenient in everyday life, these devices are using in home, environment, healthcare due to its feasible networking, storage and process features etc. In IoT health care applications, security of the sensitive data is paramount since humans are part of the IoT platform. IoTs heterogeneous network connectivity and expected growth, opens many new threats and attacks which impacts on life of a patient. Conclusion: Hence, our proposed methodology is implemented on Security Essential IoT based health care application and measures shows our method is improved software security

show abstract

Section: Discussionmentioning

confidence: 99%

“…We adapted Text Categorization Process [19], Restricted Misuse Case Modeling [20], validating security patterns using Test Template [21] approaches to extend our Methodology. The proposed Sa-SDLC methodology, integrate security patterns mechanisms in each phase of SDLC to reduce impact of vulnerabilities.…”

Section: The Proposed Methodologymentioning

confidence: 99%

Development of IoT Health Monitor System using Security Patterns

Aruna¹,

Reddy²,

Sunitha³

2020

IJEAT

View full text Add to dashboard Cite

show abstract

“…Research is needed to answer a number of fundamental questions related to how requirements for forensic-ready systems should be implemented and whether these requirements are solely about data preservation activities. Architectural patterns (similar to security patterns [29]) could also be investigated to design forensic-ready systems. Additional challenges relate to managing trade-offs between forensic readiness requirements such as privacy and availability given that some of these could manifest at runtime.…”

Section: Representing and Reasoning About Forensic-ready Systemsmentioning

confidence: 99%

Towards forensic-ready software systems

Pasquale

Alrajeh

Peersman

et al. 2018

Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results

View full text Add to dashboard Cite

As software becomes more ubiquitous, and the risk of cyber-crimes increases, ensuring that software systems are forensic-ready (i.e., capable of supporting potential digital investigations) is critical. However, little or no attention has been given to how well-suited existing software engineering methodologies and practices are for the systematic development of such systems. In this paper, we consider the meaning of forensic readiness of software, define forensic readiness requirements, and highlight some of the open software engineering challenges in the face of forensic readiness. We use a real software system developed to investigate online sharing of child abuse media to illustrate the presented concepts. CCS CONCEPTS • Software and its engineering → Requirements analysis; • Applied computing → Evidence collection, storage and analysis;

show abstract

“…Yoshizawa et al are concerned with implementation aspects of security patterns [8]. They indicate that developers may apply the patterns in ways that introduce vulnerabilities and propose a test template to determine if an applied pattern has introduced vulnerabilities.…”

mentioning

confidence: 99%

Introduction to the Special Issue on Evaluating the Security of Complex Systems

Fernández

2016

Information

View full text Add to dashboard Cite

Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and problem frames, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist, but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, and systems-oriented evaluation methods.

show abstract

Implementation Support of Security Design Patterns Using Test Templates

Cited by 10 publications

References 28 publications

Development of IoT Health Monitor System using Security Patterns

Development of IoT Health Monitor System using Security Patterns

Towards forensic-ready software systems

Introduction to the Special Issue on Evaluating the Security of Complex Systems

Contact Info

Product

Resources

About