Revisiting Architectural Tactics for Security

被引：18

作者：

Fernandez, Eduardo B. ^{[1
]}

Astudillo, Hernan ^{[2
]}

Pedraza-Garcia, Gilberto ^{[3
,4
]}

机构：

[1] Florida Atlantic Univ, Boca Raton, FL 33431 USA

[2] Univ Tecn Federico Santa Maria, Dept Informat, Valparaiso, Chile

[3] Univ Los Andes, Bogota, Colombia

[4] Univ Piloto Colombia, Programa Ingn Sistemas, Bogota, Colombia

来源：

SOFTWARE ARCHITECTURE (ECSA 2015) | 2015年 / 9278卷

关键词：

Architecture tactics; Secure architectures; Security patterns; Secure software development;

D O I：

10.1007/978-3-319-23727-5_5

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Architectural tactics are design decisions intended to improve some system quality factor. Since their initial formulation, they have been formalized, compared with patterns and associated to styles, but the initial set of tactics for security has only been refined once. We have examined this tactics set and classification from the viewpoint of security research, and concluded that some tactics would be better described as principles or policies, some are not needed, and others do not cover the functions needed to secure systems, which makes them not very useful for designers. We propose here a refined set and classification of architectural tactics for security, which we consider more appropriate than the original and the previously refined sets. We also suggest how to realize them using security patterns.

引用

页码：55 / 69

页数：15

共 50 条

[21] ArchTacRV: Detecting and Runtime Verifying Architectural Tactics in Code
Ge, Ning
Wang, Ze
Zhang, Li
Zhao, Jiuang
Zhou, Yufei
Liu, Zewei
[J]. 2022 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION AND REENGINEERING (SANER 2022), 2022, : 566 - 576
[22] Security Tactics Selection Poker (TaSPeR)
Osses, Felipe
Marquez, Gaston
Villegas, Monica M.
Orellana, Cristian
Visconti, Marcello
Astudillo, Hernan
[J]. ECSA 2018: PROCEEDINGS OF THE 12TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE: COMPANION PROCEEDINGS, 2018,
[23] Detection Strategies for Microservice Security Tactics
Zdun, Uwe
Queval, Pierre-Jean
Simhandl, Georg
Scandariato, Riccardo
Chakravarty, Somik
Jelic, Marjan
Jovanovic, Aleksandar
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (03) : 1257 - 1273
[24] Blockchains and Stealth Tactics for Teaching Security
van Oorschot, Paul C.
[J]. IEEE SECURITY & PRIVACY, 2020, 18 (05) : 3 - 5
[25] Housing security tactics vary by location
Frazee, V
[J]. WORKFORCE, 1998, : 8 - 8
[26] ON ARCHITECTURAL SUPPORT FOR SYSTEMS SECURITY
Tiwari, Mohit
Austin, Todd
[J]. IEEE MICRO, 2016, 36 (05) : 6 - 7
[27] Security is an architectural design constraint
Ravi, Prasanna
Najm, Zakaria
Bhasin, Shivam
Khairallah, Mustafa
Sen Gupta, Sourav
Chattopadhyay, Anupam
[J]. MICROPROCESSORS AND MICROSYSTEMS, 2019, 68 : 17 - 27
[28] A study of security architectural patterns
Rosado, David G.
Gutierrez, Carlos
Fernandez-Medina, Eduardo
Piattini, Mario
[J]. FIRST INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2006, : 358 - +
[29] Enforcing Architectural Security Decisions
Jasser, Stefanie
[J]. IEEE 17TH INTERNATIONAL CONFERENCE ON SOFTWARE ARCHITECTURE (ICSA 2020), 2020, : 35 - 45
[30] ARCHITECTURAL DESIGN AND PHYSICAL SECURITY
PASSANTINO, RJ
[J]. TERRORISM, 1987, 10 (03): : 243 - 246

← 1 2 3 4 5 →