An engineering process for security patterns application in component based models

被引:7
|
作者
Bouaziz, Rahma [1 ]
Kallel, Slim [2 ]
Coulette, Bernard [1 ]
机构
[1] Univ Toulouse, IRIT, Toulouse, France
[2] Univ Sfax, ReDCAD, Sfax, Tunisia
来源
2013 IEEE 22ND INTERNATIONAL WORKSHOP ON ENABLING TECHNOLOGIES: INFRASTRUCTURE FOR COLLABORATIVE ENTERPRISES (WETICE) | 2013年
关键词
Component; Component based systems; Security patterns; Process; Aspects; SPEM;
D O I
10.1109/WETICE.2013.27
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Security engineering with patterns is currently a very active area of research. Security patterns - an adaptation of Design Patterns to security - capture experts' experience in order to solve recurrent security problems in a structured and reusable way. In this paper, our objective is to describe an engineering process, called SCRIP (SeCurity patteRn Integration Process), which provides guidelines for integrating security patterns into component-based models. SCRIP defines activities and products to integrate security patterns in the whole development process, from UML component modeling until aspect code generation. The definition of SCRIP has been made using the OMG standard Software and System Process Engineering Meta-model (SPEM). We are developing a CASE tool to support that process.
引用
收藏
页码:231 / 236
页数:6
相关论文
共 50 条
  • [1] An Approach for Security Patterns Application in Component Based Models
    Bouaziz, Rahma
    Kallel, Slim
    Coulette, Bernard
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2014, PT V, 2014, 8583 : 283 - +
  • [2] A security engineering process based on patterns
    Hatebur, Denis
    Heisel, Maritta
    Schmidt, Holger
    DEXA 2007: 18TH INTERNATIONAL CONFERENCE ON DATABASE AND EXPERT SYSTEMS APPLICATIONS, PROCEEDINGS, 2007, : 734 - +
  • [3] A Security Engineering Process for Systems of Systems using Security Patterns
    Ruiz, Jose Fran
    Rudolph, Carsten
    Mana, Antonio
    Arjona, Marcos
    2014 8TH ANNUAL IEEE SYSTEMS CONFERENCE (SYSCON), 2014, : 8 - 11
  • [4] Ontology Based Patterns for Software Security Engineering
    Moradian, Esmiralda
    Hakansson, Anne
    Andersson, Jan-Olof
    ADVANCES IN KNOWLEDGE-BASED AND INTELLIGENT INFORMATION AND ENGINEERING SYSTEMS, 2012, 243 : 406 - 419
  • [5] Secure Component Based Applications Through Security Patterns
    Bouaziz, Rahma
    Coulette, Bernard
    2012 IEEE INTERNATIONAL CONFERENCE ON GREEN COMPUTING AND COMMUNICATIONS, CONFERENCE ON INTERNET OF THINGS, AND CONFERENCE ON CYBER, PHYSICAL AND SOCIAL COMPUTING (GREENCOM 2012), 2012, : 749 - 754
  • [6] The new topicality of using Formal Models of Security Policy within the security engineering process
    Koob, F
    Ullmann, M
    Wittmann, S
    APPLIED FORMAL METHODS - FM-TRENDS 98, 1999, 1641 : 302 - 310
  • [7] A process engineering method based on ontology and patterns
    Hug, Charlotte
    Front, Agnes
    Rieu, Dominique
    ICSOFT 2008: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON SOFTWARE AND DATA TECHNOLOGIES, VOL ISDM/ABF, 2008, : 29 - 36
  • [8] Process Patterns for Component-Based Software Development
    Kouroshfar, Ehsan
    Shahir, Hamed Yaghoubi
    Ramsin, Raman
    COMPONENT-BASED SOFTWARE ENGINEERING, PROCEEDINGS, 2009, 5582 : 54 - 68
  • [9] System Security and System Safety Engineering: Differences and Similarities and a System Security Engineering Process Based on the ISO 26262 Process Framework
    Czerny, Barbara J.
    SAE INTERNATIONAL JOURNAL OF PASSENGER CARS-ELECTRONIC AND ELECTRICAL SYSTEMS, 2013, 6 (01): : 349 - 359
  • [10] Applying Security Patterns for Component Based Applications Using UML Profile
    Bouaziz, Rahma
    Coulette, Bernard
    15TH IEEE INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ENGINEERING (CSE 2012) / 10TH IEEE/IFIP INTERNATIONAL CONFERENCE ON EMBEDDED AND UBIQUITOUS COMPUTING (EUC 2012), 2012, : 186 - 193
12345