A methodology for modelling and analysis of secure systems using security patterns and mitigation use cases

Many approaches for modelling security requirements have been proposed,but software industry did not reach on an agreement on how to express security requirements in a system model for software architecture. The main objective of this perspective paper is to summarize the problem space of representa...

Full description

Bibliographic Details
Main Authors: Maher, Zulfikar Ahmad, Shah, Asadullah, Shaikh, Humaiz, Rahu, Ghulam Ali, Butt, Pinial Khan, Chandio, Shahmurad, Shaikh, Saima
Format: Conference or Workshop Item
Language:English
English
Published: IEEE Explore 2018
Subjects:
Online Access:http://irep.iium.edu.my/68117/
http://irep.iium.edu.my/68117/
http://irep.iium.edu.my/68117/1/68117_A%20Methodology%20for%20Modelling%20and%20Analysis%20of%20Secure%20Systems.pdf
http://irep.iium.edu.my/68117/7/68117_A%20methodology%20for%20modelling%20and%20analysis%20of%20secure%20systems_SCOPUS.pdf
Description
Summary:Many approaches for modelling security requirements have been proposed,but software industry did not reach on an agreement on how to express security requirements in a system model for software architecture. The main objective of this perspective paper is to summarize the problem space of representation of security patterns are proposed in the literature to help the developers who lack expertise in security to implement it. Applications of security patterns has been hindered by the fact that they lack directions for their implementations in a specific scenario. This paper presents a techniques for using mitigation use cases for representation solution provided by security patterns. Different challenges and issues were identified related to the application of security patterns in industry.