Takanori Kobashi, Nobukazu Yoshioka, H. Kaiya, H. Washizaki, T. Okubo, Y. Fukazawa
{"title":"通过测试设计模型来验证安全设计模式应用程序","authors":"Takanori Kobashi, Nobukazu Yoshioka, H. Kaiya, H. Washizaki, T. Okubo, Y. Fukazawa","doi":"10.4018/ijsse.2014100101","DOIUrl":null,"url":null,"abstract":"Software developers are not necessarily security experts, confirming potential threats and vulnerabilities at an early stage of the development process (e.g., in the requirementand design-phase) is insufficient. Additionally, even if designed software considers security at an early stage, whether the software really satisfies the security requirements must be confirmed. To realize secure design, this work proposes an application to validate security patterns using model testing. Its method provides extended security patterns, which include requirementand design-level patterns as well as a new model testing process using these patterns. After a developer specifies threats and vulnerabilities in the target system during an early stage of development, this method can validate whether the security patterns are properly applied and assess if these vulnerabilities are resolved. Validating Security Design Pattern Applications by Testing Design Models","PeriodicalId":89158,"journal":{"name":"International journal of secure software engineering","volume":"1 1","pages":"1-30"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Validating Security Design Pattern Applications by Testing Design Models\",\"authors\":\"Takanori Kobashi, Nobukazu Yoshioka, H. Kaiya, H. Washizaki, T. Okubo, Y. Fukazawa\",\"doi\":\"10.4018/ijsse.2014100101\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software developers are not necessarily security experts, confirming potential threats and vulnerabilities at an early stage of the development process (e.g., in the requirementand design-phase) is insufficient. Additionally, even if designed software considers security at an early stage, whether the software really satisfies the security requirements must be confirmed. To realize secure design, this work proposes an application to validate security patterns using model testing. Its method provides extended security patterns, which include requirementand design-level patterns as well as a new model testing process using these patterns. After a developer specifies threats and vulnerabilities in the target system during an early stage of development, this method can validate whether the security patterns are properly applied and assess if these vulnerabilities are resolved. Validating Security Design Pattern Applications by Testing Design Models\",\"PeriodicalId\":89158,\"journal\":{\"name\":\"International journal of secure software engineering\",\"volume\":\"1 1\",\"pages\":\"1-30\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International journal of secure software engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/ijsse.2014100101\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of secure software engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijsse.2014100101","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Validating Security Design Pattern Applications by Testing Design Models
Software developers are not necessarily security experts, confirming potential threats and vulnerabilities at an early stage of the development process (e.g., in the requirementand design-phase) is insufficient. Additionally, even if designed software considers security at an early stage, whether the software really satisfies the security requirements must be confirmed. To realize secure design, this work proposes an application to validate security patterns using model testing. Its method provides extended security patterns, which include requirementand design-level patterns as well as a new model testing process using these patterns. After a developer specifies threats and vulnerabilities in the target system during an early stage of development, this method can validate whether the security patterns are properly applied and assess if these vulnerabilities are resolved. Validating Security Design Pattern Applications by Testing Design Models
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
