Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Writing Secure Code
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Threat Modeling
Software Security: Building Security In
Software Security: Building Security In
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Software Engineering: A Practitioner's Approach
Software Engineering: A Practitioner's Approach
Threat Mitigation, Monitoring and Management Plan - A New Approach in Risk Management
ARTCOM '09 Proceedings of the 2009 International Conference on Advances in Recent Technologies in Communication and Computing
Identifying Security Requirements Hybrid Technique
ICSEA '09 Proceedings of the 2009 Fourth International Conference on Software Engineering Advances
Avoiding Threats Using Multi Agent System Planning for Web Based Systems
ICCCI '09 Proceedings of the 1st International Conference on Computational Collective Intelligence. Semantic Web, Social Networks and Multiagent Systems
Approach to solving security problems using meta-agents in multi agent system
KES-AMSTA'08 Proceedings of the 2nd KES International conference on Agent and multi-agent systems: technologies and applications
Predicate encryption supporting disjunctions, polynomial equations, and inner products
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Controlling security of software development with multi-agent system
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part IV
A semantically enhanced service repository for user-centric service discovery and management
Data & Knowledge Engineering
Mitigating multi-threats optimally in proactive threat management
ACM SIGSOFT Software Engineering Notes
| Hi-index | 0.00 |
The increasing complexity of software systems along with expanding connectivity has necessitated the evolution of an integrated security framework adopting innovative techniques for secure software systems. This paper proposes a layered security architecture for threat management using a multi-agent system to meet the above objective. Layer- 1 of this framework is designed for elicitation of realistic and flawless security requirements. Layer-2 uses a Multi-Agent system planning for avoidance of threats optimally. In this mechanism autonomous agents interact and coordinate with each other to achieve the common goal of software security. An adaptive defense mechanism using Meta-Agents in multi-agent system in conjunction with fuzzy logic to counter the adaptive and compound threats is the responsibility of Layer-3. Guidelines proposed in this paper have augmented this security architecture as a two-fold defensive strategy to ensure that a hacker is not able to tamper data even if they penetrate the periphery defenses. These proactive steps can be implemented during the design and development phases of the software life cycle in an incremental way as per the budget and security requirements of a software project. A case study on internet banking is included in the paper to describe the proposed security framework.