Revisiting Architectural Tactics for Security

被引：18

作者：

Fernandez, Eduardo B. ^{[1
]}

Astudillo, Hernan ^{[2
]}

Pedraza-Garcia, Gilberto ^{[3
,4
]}

机构：

[1] Florida Atlantic Univ, Boca Raton, FL 33431 USA

[2] Univ Tecn Federico Santa Maria, Dept Informat, Valparaiso, Chile

[3] Univ Los Andes, Bogota, Colombia

[4] Univ Piloto Colombia, Programa Ingn Sistemas, Bogota, Colombia

来源：

SOFTWARE ARCHITECTURE (ECSA 2015) | 2015年 / 9278卷

关键词：

Architecture tactics; Secure architectures; Security patterns; Secure software development;

D O I：

10.1007/978-3-319-23727-5_5

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Architectural tactics are design decisions intended to improve some system quality factor. Since their initial formulation, they have been formalized, compared with patterns and associated to styles, but the initial set of tactics for security has only been refined once. We have examined this tactics set and classification from the viewpoint of security research, and concluded that some tactics would be better described as principles or policies, some are not needed, and others do not cover the functions needed to secure systems, which makes them not very useful for designers. We propose here a refined set and classification of architectural tactics for security, which we consider more appropriate than the original and the previously refined sets. We also suggest how to realize them using security patterns.

引用

页码：55 / 69

页数：15

共 50 条

[31] Security and the architectural expression of territory
Habraken, J
[J]. 2003 INTERNATIONAL SYMPOSIUM ON TECHNOLOGY AND SOCIETY: CRIME PREVENTION, SECURITY AND DESIGN, PROCEEDINGS, 2003, : 7 - 9
[32] Revisiting WiMAX MBS security
Kambourakis, Georgios
Konstantinou, Elisavet
Gritzalis, Stefanos
[J]. COMPUTERS & MATHEMATICS WITH APPLICATIONS, 2010, 60 (02) : 217 - 223
[33] Revisiting the Security of the ALRED Design
Simplicio, Marcos A., Jr.
Barreto, Paulo S. L. M.
Carvalho, Teresa C. M. B.
[J]. INFORMATION SECURITY, 2011, 6531 : 69 - 83
[34] Revisiting Enforceable Security Policies
Nagatou, Naoyuki
[J]. CRISIS: 2008 THIRD INTERNATIONAL CONFERENCE ON RISKS AND SECURITY OF INTERNET AND SYSTEMS, PROCEEDINGS, 2008, : 227 - 234
[35] Revisiting the security analysis of SNOVA
Ikematsu, Yasuhiko
Akiyama, Rika
[J]. PROCEEDINGS OF THE 11TH ACM ASIA PUBLIC-KEY CRYPTOGRAPHY WORKSHOP, APKC 2024, 2024, : 54 - 61
[36] Quality-driven architecture development using architectural tactics
Kim, Suntae
Kim, Dae-Kyoo
Lu, Lunjin
Park, Sooyong
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2009, 82 (08) : 1211 - 1231
[37] Architectural Tactics to Optimize Software for Energy Efficiency in the Public Cloud
Vos, Sophie
Lago, Patricia
Verdecchia, Roberto
Heitlager, Ilja
[J]. 2022 INTERNATIONAL CONFERENCE ON ICT FOR SUSTAINABILITY (ICT4S 2022), 2022, : 77 - 87
[38] Review of Architectural Patterns and Tactics for Microservices in Academic and Industrial Literature
Marquez, G.
Osses, F.
Astudillo, H.
[J]. IEEE LATIN AMERICA TRANSACTIONS, 2018, 16 (09) : 2321 - 2327
[39] Architectural Tactics for Big Data Cybersecurity Analytics Systems: A Review
Ullah, Faheem
Babar, Muhammad Ali
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2019, 151 : 81 - 118
[40] Annotating problem diagrams with architectural tactics for reasoning on quality requirements
Canete-Valdeon, Jose M.
[J]. INFORMATION PROCESSING LETTERS, 2012, 112 (16) : 656 - 661

← 1 2 3 4 5 →