Quantitative evaluation of systems with security patterns using a fuzzy approach

Authors:
Spyros T. Halkidis;Alexander Chatzigeorgiou;George Stephanides
Affiliations:
Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece;Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece;Department of Applied Informatics, University of Macedonia, Thessaloniki, Greece
Venue:
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Year:
2006

Citing 14
Cited 1

Fundamentals of computer security technology

Fundamentals of computer security technology
Design patterns: elements of reusable object-oriented software

Design patterns: elements of reusable object-oriented software
Fuzzy set theory—and its applications (3rd ed.)

Fuzzy set theory—and its applications (3rd ed.)
System failure engineering and fuzzy methodology: an introductory overview

Fuzzy Sets and Systems - Special issue on fuzzy methodology in system failure engineering
Building secure software: how to avoid security problems the right way

Building secure software: how to avoid security problems the right way
Software fault tolerance techniques and implementation

Software fault tolerance techniques and implementation
Introduction to Fuzzy Reliability

Introduction to Fuzzy Reliability
Writing Secure Code

Writing Secure Code
Hacking Exposed Web Applications: Web Application Security Secrets & Solutions

Hacking Exposed Web Applications: Web Application Security Secrets & Solutions
Exploiting Software: How to Break Code

Exploiting Software: How to Break Code
Mastering Enterprise JavaBeans

Mastering Enterprise JavaBeans
Code Quality: The Open Source Perspective (Effective Software Development Series)

Code Quality: The Open Source Perspective (Effective Software Development Series)
Stronger password authentication using browser extensions

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Fuzzy risk analysis based on similarity measures of generalized fuzzy numbers

IEEE Transactions on Fuzzy Systems

Improving security design patterns with aspect-oriented strategies

Proceedings of the 50th Annual Southeast Regional Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

The importance of Software Security has been evident, since it has been shown that most attacks to software systems are based on vulnerabilities caused by software poorly designed and developed Furthermore, it has been discovered that it is desirable to embed security already at design phase Therefore, patterns aiming at enhancing the security of a software system, called security patterns, have been suggested The main target of this paper is to propose a mathematical model, based on fuzzy set theory, in order to quantify the security characteristics of systems using security patterns In order to achieve this we first determine experimentally to what extent specific security patterns enhance several security aspects of systems To determine this, we have developed two systems, one without security patterns and one containing them and have experimentally determined the level of the higher robustness to attacks of the latter The proposed mathematical model follows.