By Topic

Systematic Security Analysis for Service-Oriented Software Architectures

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Yanguo Liu ; Univ. of Victoria, Victoria ; Issa Traore

Due to the dramatic increase in intrusive activities architecture security analysis and design has emerged as an important aspect of the development of software services. It is a well-accepted fact in software engineering that security concerns like any other quality concerns should be dealt with in the early stages of software development. However, current software security risk analysis approaches still heavily rely on ad hoc techniques. These involve significant amount of subjective efforts creating greater potential for inaccuracies. In this paper, we propose a user system interaction effect (USIE) model that can be used systematically to derive and analyze security concerns from service-oriented software architectures. Many aspects of the model derivation and analysis can be automated, which limit the amount of user involvement, and thereby reduce the subjectivity underlying typical security risk analysis process. The model can be used as a foundation for systematic analysis of software services from different security perspectives.

Published in:

e-Business Engineering, 2007. ICEBE 2007. IEEE International Conference on

Date of Conference:

24-26 Oct. 2007