By Topic

Security Variability Design and Analysis in an Aspect Oriented Software Architecture

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Lirong Dai ; Dept. of Comput. Sci. & Software Eng., Seattle Univ., Seattle, WA, USA

Developing secure systems at software architecture stage presents additional challenges: a system may demand multiple security capabilities and each security capability can be realized by many security solutions. Effective techniques are needed to assist software architects in modeling and evaluating security capabilities. The benefits of such techniques include enabling software architects to create an optimized security architecture design. This paper presents a modeling approach to support security variability design and analysis. In the approach, security capabilities are modeled as aspects and alternative security solutions are reflected. This allows to effectively perform interaction analysis among security solutions, e.g., determining supporting or conflicting solutions etc. A Health Watcher system is used to illustrate the approach, where the system is designed with two security aspects, data origin authentication and non-repudiation. The proposed security variability design approach has been showed to effectively support the interaction analysis between data origin authentication solutions and non-repudiation solutions.

Published in:

Secure Software Integration and Reliability Improvement, 2009. SSIRI 2009. Third IEEE International Conference on

Date of Conference:

8-10 July 2009