Validating security design patterns application using model testing

Takanori Kobashi, Nobukazu Yoshioka, Takao Okubo, Haruhiko Kaiya, Hironori Washizaki, Yoshiaki Fukazawa

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

Software developers are not necessarily security specialists, security patterns provide developers with the knowledge of security specialists. Although security patterns are reusable and include security knowledge, it is possible to inappropriately apply a security pattern or that a properly applied pattern does not mitigate threats and vulnerabilities. Herein we propose a method to validate security pattern applications. Our method provides extended security patterns, which include requirement- and design-level patterns as well as a new model testing process using these patterns. Developers specify the threats and vulnerabilities in the target system during an early stage of development, and then our method validates whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved.

Original languageEnglish
Title of host publicationProceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013
Pages62-71
Number of pages10
DOIs
Publication statusPublished - 2013 Dec 1
Event2013 8th International Conference on Availability, Reliability and Security, ARES 2013 - Regensburg, Germany
Duration: 2013 Sep 22013 Sep 6

Publication series

NameProceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013

Conference

Conference2013 8th International Conference on Availability, Reliability and Security, ARES 2013
CountryGermany
CityRegensburg
Period13/9/213/9/6

Keywords

  • Model Testing
  • Security Patterns
  • Test-Driven Development
  • UML

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Validating security design patterns application using model testing'. Together they form a unique fingerprint.

  • Cite this

    Kobashi, T., Yoshioka, N., Okubo, T., Kaiya, H., Washizaki, H., & Fukazawa, Y. (2013). Validating security design patterns application using model testing. In Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013 (pp. 62-71). [6657227] (Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013). https://doi.org/10.1109/ARES.2013.13