A secure system architecture is often based on a variety of design and security model elements. Without some way of evaluating the impact of these individual design elements in the face of possible attacks, design flaws may weaken a software architecture. This paper illustrates how architectural and contextualised attack patterns can be used to formalise the elements of architectural attacks and possible defences. We illustrate how these patterns, and tool-support building upon them, can be used to automate an architectural risk analysis process. We demonstrate this approach using an example from the EU FP7 webinos project.