Revisiting Architectural Tactics for Security

被引：18

作者：

Fernandez, Eduardo B. ^{[1
]}

Astudillo, Hernan ^{[2
]}

Pedraza-Garcia, Gilberto ^{[3
,4
]}

机构：

[1] Florida Atlantic Univ, Boca Raton, FL 33431 USA

[2] Univ Tecn Federico Santa Maria, Dept Informat, Valparaiso, Chile

[3] Univ Los Andes, Bogota, Colombia

[4] Univ Piloto Colombia, Programa Ingn Sistemas, Bogota, Colombia

来源：

SOFTWARE ARCHITECTURE (ECSA 2015) | 2015年 / 9278卷

关键词：

Architecture tactics; Secure architectures; Security patterns; Secure software development;

D O I：

10.1007/978-3-319-23727-5_5

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Architectural tactics are design decisions intended to improve some system quality factor. Since their initial formulation, they have been formalized, compared with patterns and associated to styles, but the initial set of tactics for security has only been refined once. We have examined this tactics set and classification from the viewpoint of security research, and concluded that some tactics would be better described as principles or policies, some are not needed, and others do not cover the functions needed to secure systems, which makes them not very useful for designers. We propose here a refined set and classification of architectural tactics for security, which we consider more appropriate than the original and the previously refined sets. We also suggest how to realize them using security patterns.

引用

页码：55 / 69

页数：15

共 50 条

[1] A quantitative and knowledge-based approach to choosing security architectural tactics
Kim, Suntae
[J]. INTERNATIONAL JOURNAL OF AD HOC AND UBIQUITOUS COMPUTING, 2015, 18 (1-2) : 45 - 53
[2] Towards a Reliable Mapping between Performance and Security Tactics, and Architectural Patterns
Alebrahim, Azadeh
Fassbender, Stephan
Filipczyk, Martin
Goedicke, Michael
Heisel, Maritta
[J]. PROCEEDINGS OF THE 20TH EUROPEAN CONFERENCE ON PATTERN LANGUAGES OF PROGRAMS (EUROPLOP 2015), 2015,
[3] Identifying Availability Tactics to Support Security Architectural Design of Microservice-based Systems
Marquez, Gaston
Astudillo, Hernan
[J]. 13TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE (ECSA 2019), VOL 2, 2019, : 123 - 129
[4] Analysing Tactics in Architectural Patterns
Sanchez, Alejandro
Aguiar, Ademar
Barbosa, Luis S.
Riesco, Daniel
[J]. PROCEEDINGS OF THE 2012 IEEE 35TH SOFTWARE ENGINEERING WORKSHOP (SEW 2012), 2012, : 32 - 41
[5] Understanding Software Vulnerabilities Related to Architectural Security Tactics An Empirical Investigation of Chromium, PHP and Thunderbird
Santos, Joanna C. S.
Peruma, Anthony
Mirakhorli, Mehdi
Galster, Matthias
Vidal, Jairo Veloz
Sejfia, Adriana
[J]. 2017 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ARCHITECTURE (ICSA 2017), 2017, : 69 - 78
[6] On Architectural Qualities and Tactics for Mobile Sensing
Kjaergaard, Mikkel Baun
Kuhrmann, Marco
[J]. QOSA'15 PROCEEDINGS OF THE 11TH INTERNATIONAL ACM SIGSOFT CONFERENCE ON QUALITY OF SOFTWARE ARCHITECTURES, 2015, : 63 - 72
[7] Detecting, Tracing, and Monitoring Architectural Tactics in Code
Mirakhorli, Mehdi
Cleland-Huang, Jane
[J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2016, 42 (03) : 206 - 221
[8] Fashioning the city: Architectural tactics and identity statements
Borden, I
[J]. ARCHITECTURAL DESIGN, 2000, (148) : 12 - 19
[9] Towards automation of performance architectural tactics application
Champagne, R.
Gagne, S.
[J]. 2011 9TH WORKING IEEE/IFIP CONFERENCE ON SOFTWARE ARCHITECTURE (WICSA), 2011, : 157 - 160
[10] A Catalog of Architectural Tactics for Cyber-Foraging
Lewis, Grace
Lago, Patricia
[J]. QOSA'15 PROCEEDINGS OF THE 11TH INTERNATIONAL ACM SIGSOFT CONFERENCE ON QUALITY OF SOFTWARE ARCHITECTURES, 2015, : 53 - 62

← 1 2 3 4 5 →