Does Organizing Security Patterns Focus Architectural Choices?

Saved in:
Bibliographic Details
Title: Does Organizing Security Patterns Focus Architectural Choices?
Authors: Yskout, Koen1, Scandariato, Riccardo1, Joosen, Wouter1
Source: ICSE: International Conference on Software Engineering. Feb2012, p617-627. 11p.
Subjects: Computer security, Software patterns, Computer software development, Computer architecture, Systems development, Computer systems
Abstract: Security patterns can be a valuable vehicle to design secure software. Several proposals have been advanced to improve the usability of security patterns. They often describe extra annotations to be included in the pattern documentation. This paper presents an empirical study that validates whether those proposals provide any real benefit for software architects. A controlled experiment has been executed with 90 master students, who have performed several design tasks involving the hardening of a software architecture via security patterns. The results show that annotations produce benefits in terms of a reduced number of alternatives that need to be considered during the selection of a suitable pattern. However, they do not reduce the time spent in the selection process. [ABSTRACT FROM AUTHOR]
Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Links:
  – Type: pdflink
Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 78198124
AccessLevel: 6
PubType: Conference
PubTypeId: conference
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Does Organizing Security Patterns Focus Architectural Choices?
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Yskout%2C+Koen%22">Yskout, Koen</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Scandariato%2C+Riccardo%22">Scandariato, Riccardo</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Joosen%2C+Wouter%22">Joosen, Wouter</searchLink><relatesTo>1</relatesTo>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22ICSE%3A+International+Conference+on+Software+Engineering%22">ICSE: International Conference on Software Engineering</searchLink>. Feb2012, p617-627. 11p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Computer+security%22">Computer security</searchLink><br /><searchLink fieldCode="DE" term="%22Software+patterns%22">Software patterns</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+software+development%22">Computer software development</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+architecture%22">Computer architecture</searchLink><br /><searchLink fieldCode="DE" term="%22Systems+development%22">Systems development</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+systems%22">Computer systems</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Security patterns can be a valuable vehicle to design secure software. Several proposals have been advanced to improve the usability of security patterns. They often describe extra annotations to be included in the pattern documentation. This paper presents an empirical study that validates whether those proposals provide any real benefit for software architects. A controlled experiment has been executed with 90 master students, who have performed several design tasks involving the hardening of a software architecture via security patterns. The results show that annotations produce benefits in terms of a reduced number of alternatives that need to be considered during the selection of a suitable pattern. However, they do not reduce the time spent in the selection process. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=78198124
RecordInfo BibRecord:
  BibEntity:
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 11
        StartPage: 617
    Subjects:
      – SubjectFull: Computer security
        Type: general
      – SubjectFull: Software patterns
        Type: general
      – SubjectFull: Computer software development
        Type: general
      – SubjectFull: Computer architecture
        Type: general
      – SubjectFull: Systems development
        Type: general
      – SubjectFull: Computer systems
        Type: general
    Titles:
      – TitleFull: Does Organizing Security Patterns Focus Architectural Choices?
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Yskout, Koen
      – PersonEntity:
          Name:
            NameFull: Scandariato, Riccardo
      – PersonEntity:
          Name:
            NameFull: Joosen, Wouter
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 02
              Text: Feb2012
              Type: published
              Y: 2012
          Titles:
            – TitleFull: ICSE: International Conference on Software Engineering
              Type: main
ResultId 1