A framework for information systems architecture
IBM Systems Journal
Hints for Reviewing Empirical Work in Software Engineering
Empirical Software Engineering
Software Architecture in Practice
Software Architecture in Practice
Eliciting security requirements with misuse cases
Requirements Engineering
Security Patterns: Integrating Security and Systems Engineering
Security Patterns: Integrating Security and Systems Engineering
The Security Development Lifecycle
The Security Development Lifecycle
An Analysis of the Security Patterns Landscape
SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
Analysis and Component-based Realization of Security Requirements
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
IEEE Software
A checklist for integrating student empirical studies with research and teaching goals
Empirical Software Engineering
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Hi-index | 0.00 |
Security patterns can be a valuable vehicle to design secure software. Several proposals have been advanced to improve the usability of security patterns. They often describe extra annotations to be included in the pattern documentation. This paper presents an empirical study that validates whether those proposals provide any real benefit for software architects. A controlled experiment has been executed with 90 master students, who have performed several design tasks involving the hardening of a software architecture via security patterns. The results show that annotations produce benefits in terms of a reduced number of alternatives that need to be considered during the selection of a suitable pattern. However, they do not reduce the time spent in the selection process.