2014
DOI: 10.1007/978-3-662-45501-2_15
|View full text |Cite
|
Sign up to set email alerts
|

Integrating Security Patterns with Security Requirements Analysis Using Contextual Goal Models

Abstract: International audienceSecurity patterns capture proven security knowledge to help analysts tackle security problems. Although advanced research in this field has produced an impressive collection of patterns, they are not widely applied in practice. In parallel, Requirements Engineering has been increasing focusing on security-specific issues, arguing for an upfront treatment of security in system design. However, the vast body of security patterns are not integrated with existing proposals for security requir… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
8
0

Year Published

2015
2015
2024
2024

Publication Types

Select...
5
2
1

Relationship

2
6

Authors

Journals

citations
Cited by 16 publications
(8 citation statements)
references
References 18 publications
0
8
0
Order By: Relevance
“…In order to guide software practitioners into the proper utilization of security patterns in their projects, the security pattern research community must attend to the fine-grain details of selecting and applying patterns in practice. We have observed a variety of pattern selection techniques in the literature including the utilization of feature models (Nguyen et al, 2015), (Slavin et al, 2014), ontology (Arjona et al, 2014), (Guan et al, 2014), and selection rules (Li et al, 2014), (Pearson and Shen, 2010). There is a lesser degree of variety in the techniques used for applying patterns.…”
Section: Techniques For Selecting and Applying Security Patterns (Rq12)mentioning
confidence: 99%
“…In order to guide software practitioners into the proper utilization of security patterns in their projects, the security pattern research community must attend to the fine-grain details of selecting and applying patterns in practice. We have observed a variety of pattern selection techniques in the literature including the utilization of feature models (Nguyen et al, 2015), (Slavin et al, 2014), ontology (Arjona et al, 2014), (Guan et al, 2014), and selection rules (Li et al, 2014), (Pearson and Shen, 2010). There is a lesser degree of variety in the techniques used for applying patterns.…”
Section: Techniques For Selecting and Applying Security Patterns (Rq12)mentioning
confidence: 99%
“…Additionally to the security requirement patterns, several design patterns for security design aspects have been developed to specify security measures, such as those in references [17,43,44]. A design pattern addresses a particular category of security concerns.…”
Section: Related Workmentioning
confidence: 99%
“…In our previous work, we have mapped such pattern concepts to contextual goal model elements (Table I) to semi-automate selection and application of security patterns [11]. Attack patterns, as a different type of pattern, are specified in the same spirit, but from an attacker's viewpoint, i.e., what an attacker wants to attack (problem), how does the attacker perform the attack (solution).…”
Section: Modeling Attack Patternsmentioning
confidence: 99%
“…The method is line with the one we have applied to security patterns [11], but has been adjusted to accommodate specific concepts in attack patterns.…”
Section: Introductionmentioning
confidence: 99%