2011
DOI: 10.1007/978-3-642-19125-1_13

The Security Twin Peaks

Abstract: The feedback from architectural decisions to the elaboration of requirements is an established concept in the software engineering community. However, pinpointing the nature of this feedback in a precise way is a largely open problem. Often, the feedback is generically characterized as additional qualities that might be affected by an architect's choice. This paper provides a practical perspective on this problem by leveraging architectural security patterns. The contribution of this paper is the Sec…

Cited by 18 publications (13 citation statements)
References 26 publications
“…Various security pattern classification approaches have been proposed since Gamma et al introduced the first classification of security patterns (GoF patterns) [4]. Heyman et al [5] classified 220 security patterns into three categories: guidelines, process and core patterns. Design guidelines described by Viega and McGraw in [6] were used to compare 8 security patterns by Cheng et al in [7].…”
Section: Review Of Security Pattern Selection (mentioning)
confidence: 99%
“…The interaction between requirements and architecture was first emphasized by Nuseibeh in [20], where he proposes a twin peaks model to show these interactions at an abstract level. Heyman et al [9] and Okubo et al [21] specialize the twin peaks model in the security area, respectively. They all outline a constructive process for co-developing secure software architectures and security requirements, but do not consider the impact secure architectures impose on other non-security requirements.…”
Section: Related Work (mentioning)
confidence: 99%
“…Viewed as a cross-cutting concern [23], security mechanisms have global impact over the entire system. Some approaches have claimed that leveraging security mechanisms influences system requirements specifications, which should be iteratively constructed by considering the application of security mechanisms [9,8]. However, these proposals only focus on new functional requirements that are introduced by a security mechanism and omit their impact on existing functional and nonfunctional requirements.…”
Section: Introduction (mentioning)
confidence: 99%
“…The security Twin Peaks model [20] provides a framework for developing security in the requirements and the architectural artifacts in parallel. Taking architectural security patterns into account, the model supports the elaboration of the problem and the solution artifacts by considering feedback coming from the counterpart peak.…”
Section: Related Work (mentioning)
confidence: 99%