research-article

Architectural Analysis for Security

Authors:

Jungwoo Ryoo,

Rick Kazman,

Priya AnandAuthors Info & Claims

IEEE Security & Privacy, Volume 13, Issue 6

Pages 52 - 59

https://doi.org/10.1109/MSP.2015.126

Published: 01 November 2015 Publication History

Abstract

Existing research on systems security has focused on coding, providing little insight into how to create a secure architecture. Combining architectural analysis techniques based on tactics, patterns, and vulnerabilities will achieve the best outcomes.

References

[1]

D. Falessi et al., “Decision-Making Techniques for Software Architecture Design: A Comparative Survey,” ACM Computing Surveys, vol. 43, no. 4, 2011, pp. 33:1–33:28.

Digital Library

Google Scholar

[2]

S. T. Halkidis et al., “Architectural Risk Analysis of Software Systems Based on Security Patterns,” IEEE Trans. Dependable and Secure Computing, vol. 5, no. 3, 2008, pp. 129–142.

Digital Library

Google Scholar

[3]

E. B. Fernandez, “A Methodology for Secure Software Design,” in Proc. 2004 Int'l Conf. Software Engineering Research and Practice (SERP 04), 2004, pp. 130–136.

Google Scholar

[4]

M. Hafiz, P. Adamczyk, and R. E. Johnson, “Organizing Security Patterns,” IEEE Software, vol. 24, no. 4, 2007, pp. 52–60.

Digital Library

Google Scholar

[5]

P. Manadhata and J. Wing, “An Attack Surface Metric,” IEEE Trans Software Eng., vol. 37, no. 3. 2011, pp. 371–386.

Digital Library

Google Scholar

Cited By

View all

Yang MYang SWong W(2024)Multi-Objective Software Defect Prediction via Multi-Source Uncertain Information Fusion and Multi-Task Multi-View LearningIEEE Transactions on Software Engineering10.1109/TSE.2024.342159150:8(2054-2076)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1109/TSE.2024.3421591
Alrumaih TAlenazi MAlSowaygh NHumayed AAlablani I(2024)Cyber resilience in industrial networksJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10178135:9Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1016/j.jksuci.2023.101781
Santos JSuloglu SYe JMirakhorli M(2020)Towards an Automated Approach for Detecting Architectural Weaknesses in Critical SystemsProceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops10.1145/3387940.3392222(250-253)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3387940.3392222
Show More Cited By

Index Terms

Architectural Analysis for Security

Index terms have been assigned to the content through auto-classification.

Recommendations

Architectural Solutions to Mitigate Security Vulnerabilities in Software Systems
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

Security issues emerging out of the constantly evolving software applications became a huge challenge to software security experts. In this paper, we propose a prototype to detect vulnerabilities by identifying their architectural sources and also use ...
Analysis and countermeasures of security vulnerability on portal sites
ICUIMC '11: Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication

Recently, major portal sites are suffering from a number of attacks and it is growing exponentially. July 2009, there has been system failure on government sites and some of the major portal sites due to the DDoS (Distributed Denial of Service) attack. ...
Security analysis for cyber-physical systems against stealthy cyber attacks
CERIAS '13: Proceedings of the 14th Annual Information Security Symposium

Security of Cyber-Physical Systems (CPS) against cyber attacks is an important yet challenging problem. Since most cyber attacks happen in erratic ways, it is difficult to describe them systematically. In this paper, instead of identifying a specific ...

Comments

Information & Contributors

Information

Published In

IEEE Security and Privacy Volume 13, Issue 6

Nov.-Dec. 2015

94 pages

ISSN:1540-7993

Issue’s Table of Contents

Publisher

IEEE Educational Activities Department

United States

Publication History

Published: 01 November 2015

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yang MYang SWong W(2024)Multi-Objective Software Defect Prediction via Multi-Source Uncertain Information Fusion and Multi-Task Multi-View LearningIEEE Transactions on Software Engineering10.1109/TSE.2024.342159150:8(2054-2076)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1109/TSE.2024.3421591
Alrumaih TAlenazi MAlSowaygh NHumayed AAlablani I(2024)Cyber resilience in industrial networksJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10178135:9Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1016/j.jksuci.2023.101781
Santos JSuloglu SYe JMirakhorli M(2020)Towards an Automated Approach for Detecting Architectural Weaknesses in Critical SystemsProceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops10.1145/3387940.3392222(250-253)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3387940.3392222
Milhem HWeiss MSomé SWeiss M(2019)Extraction of architectural patterns from frameworks and modeling their contributions to qualitiesProceedings of the 26th Conference on Pattern Languages of Programs10.5555/3492252.3492255(1-20)Online publication date: 7-Oct-2019
https://dl.acm.org/doi/10.5555/3492252.3492255
Anand PRyoo J(2018)Architectural Solutions to Mitigate Security Vulnerabilities in Software SystemsProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3233766(1-5)Online publication date: 27-Aug-2018
https://dl.acm.org/doi/10.1145/3230833.3233766
Dayanandan UKalimuthu V(2018)Software Architectural Quality Assessment Model for Security Analysis Using Fuzzy Analytical Hierarchy Process (FAHP) Method3D Research10.1007/s13319-018-0183-x9:3(1-14)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1007/s13319-018-0183-x
Pedraza-García GNoël RMatalonga SAstudillo HFernandez EBahsoon RWeinreich R(2016)Mitigating security threats using tactics and patternsProccedings of the 10th European Conference on Software Architecture Workshops10.1145/2993412.3007552(1-7)Online publication date: 28-Nov-2016
https://dl.acm.org/doi/10.1145/2993412.3007552
Chen HKazman RMonarch IWang P(2016)Predicting and fixing vulnerabilities before they occurProceedings of the 2nd International Workshop on BIG Data Software Engineering10.1145/2896825.2896829(72-75)Online publication date: 14-May-2016
https://dl.acm.org/doi/10.1145/2896825.2896829
Chen HKazman RMonarch IWang P(2016)Predicting and fixing vulnerabilities before they occurProceedings of the 2nd International Workshop on BIG Data Software Engineering10.1145/2884781.2896829(72-75)Online publication date: 14-May-2016
https://dl.acm.org/doi/10.1145/2884781.2896829

Abstract

References

Cited By

Index Terms

Recommendations

Architectural Solutions to Mitigate Security Vulnerabilities in Software Systems

Analysis and countermeasures of security vulnerability on portal sites

Security analysis for cyber-physical systems against stealthy cyber attacks

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations