Systematic Security Analysis for Service-Oriented Software Architectures

12 years 1 months ago
Systematic Security Analysis for Service-Oriented Software Architectures
Due to the dramatic increase in intrusive activities architecture security analysis and design has emerged as an important aspect of the development of software services. It is a well-accepted fact in software engineering that security concerns like any other quality concerns should be dealt with in the early stages of software development. However, current software security risk analysis approaches still heavily rely on ad hoc techniques. These involve significant amount of subjective efforts creating greater potential for inaccuracies. In this paper, we propose a User System Interaction Effect (USIE) model that can be used systematically to derive and analyze security concerns from service-oriented software architectures. Many aspects of the model derivation and analysis can be automated, which limit the amount of user involvement, and thereby reduce the subjectivity underlying typical security risk analysis process. The model can be used as a foundation for systematic analysis of s...
Yanguo Liu, Issa Traoré
Added 03 Jun 2010
Updated 03 Jun 2010
Type Conference
Year 2007
Authors Yanguo Liu, Issa Traoré
Comments (0)