Title: Connecting Security Requirements and Software Architecture with Patterns (Beveiligingsvereisten en softwarearchitectuur verbinden met patronen)
Other Titles: Connecting Security Requirements and Software Architecture with Patterns
Authors: Yskout, Koen
Issue Date: 19-Apr-2013
Abstract: Recurring solutions to software engineering problems are often captured in patterns, which describe, in a generic but reusable manner, a specific problem and a corresponding solution. This thesis develops a deeper understanding about how pattern catalogs can help a software architect to reconcile the software's requirements and the architecture in the context of security. To achieve this goal, we follow an empirical approach.Two aspects of development are taken into account, namely (1) the construction of the software, and (2) its evolution over time. An analysis of the security patterns landscape shows that sufficient security patterns exist for the construction of secure software, but organization is needed to make them more usable. With a controlled empirical experiment, we investigate the effect of such organization from the viewpoint of the software architect.Regarding patterns for secure co-evolution, we observe that no patterns have been defined. Therefore, we propose a framework for precisely describing such patterns (called change patterns), together with a process for applying them. We illustrate the concepts with patterns for handling evolving trust requirements and access control. The approach is validated by means of two empirical studies, and implemented in a proof of concept tool.
ISBN: 978-94-6018-652-3
Publication status: published
KU Leuven publication type: TH
Appears in Collections:Informatics Section

Files in This Item:
File Status SizeFormat
thesis.pdf Published 10799KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.