Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Deriving specifications from requirements: an example
Proceedings of the 17th international conference on Software engineering
Pattern-oriented software architecture: a system of patterns
Pattern-oriented software architecture: a system of patterns
Software architecture in practice
Software architecture in practice
Problem frames: analyzing and structuring software development problems
Problem frames: analyzing and structuring software development problems
Security in Computing
Introducing Abuse Frames for Analysing Security Requirements
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Security in Fixed and Wireless Networks: An Introduction to securing data communications
Security in Fixed and Wireless Networks: An Introduction to securing data communications
Problem frames and architectures for security problems
SAFECOMP'05 Proceedings of the 24th international conference on Computer Safety, Reliability, and Security
A Formal Metamodel for Problem Frames
MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
SRRS: a recommendation system for security requirements
Proceedings of the 2008 international workshop on Recommendation systems for software engineering
Pattern-Based Confidentiality-Preserving Refinement
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Later stages support for security requirements
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
A Foundation for Requirements Analysis of Dependable Software
SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
Preserving software quality characteristics from requirements analysis to architectural design
EWSA'06 Proceedings of the Third European conference on Software Architecture
Identifying problem frames for location-based services
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Pattern-based evolution of software architectures
ECSA'07 Proceedings of the First European conference on Software Architecture
An approach for selecting implementation strategies of non-functional requirements
Proceedings of the Fourth Asia-Pacific Symposium on Internetware
| Hi-index | 0.00 |
We present a method for security engineering, which is based on two special kinds of problem frames that serve to structure, characterize, analyze, and finally solve software development problems in the area of software and system security. Both kinds of problem frames constitute patterns for representing security problems, variants of which occur frequently in practice. We present security problem frames, which are instantiated in the initial step of our method. They explicitly distinguish security problems from their solutions. To prepare the solution of the security problems in the next step, we employ concretized security problem frames capturing known approaches to achieve security. Finally, the last step of our method results in a specification of the system to be implemented given by concrete security mechanisms and instantiated generic sequence diagrams. We illustrate our approach by the example of a secure remote display system.