Building secure software systems requires the application of a systematic methodology. A security methodology includes a security process and a conceptual security framework consisting of security artifacts such as patterns. In this work we consider systems designed using patterns. In previous work we proposed a secure systems development methodology that uses security patterns. This methodology applies security throughout the whole lifecycle and considers all architectural levels. As part of this work we have produced a variety of security patterns. As it is difficult for designers to select security patterns, we proposed SSFs (Security Solution Frames), which are hierarchical combinations of related patterns. We introduce now a new artifact, the Security Cluster, an application-oriented combination of SSFs which further facilitates the use of security patterns to build secure applications. We also present a metamodel to get a perspective of the use of these artifacts.
|ジャーナル||CEUR Workshop Proceedings|
|出版ステータス||Published - 2021|
|イベント||2018 International Workshop on Evidence-Based Security and Privacy in the Wild and the 1st International Workshop on Machine Learning Systems Engineering, WESPr-iMLSE 2018 - Nara, Japan|
継続期間: 2018 12月 4 → …
ASJC Scopus subject areas
- コンピュータ サイエンス（全般）