Abstract
Today, security is still poorly considered in early phases of software engineering. Architects and software engineers still lack knowledge about architectural security design and about implementing it in compliance with that design. However, a software system that is not designed for security or does not adhere to this design can hardly meet its security requirements. In this paper, we present an approach we are working on. The approach consists of two parts: first, we improve the architecture’s security level through model transformation. Second, we derive rules and constraints from the secured architecture in order to check the implementation’s conformance. Through these activities we aim to support architects and software developers in building a secure software system. We plan to evaluate our approach in industrial case studies.
Original language | English |
---|---|
Title of host publication | ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy |
Editors | Paolo Mori, Steven Furnell, Olivier Camp |
Publisher | SciTePress |
Pages | 438-446 |
Number of pages | 9 |
ISBN (Electronic) | 9789897582820 |
Publication status | Published - 2018 |
Externally published | Yes |
Event | 4th International Conference on Information Systems Security and Privacy, ICISSP 2018 - Funchal, Madeira, Portugal. Duration: 22 Jan 2018 → 24 Jan 2018 |
Publication series
Name | ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy |
---|---|
Volume | 2018-January |
Conference
Conference | 4th International Conference on Information Systems Security and Privacy, ICISSP 2018 |
---|---|
Country/Territory | Portugal |
City | Funchal, Madeira |
Period | 22/01/18 → 24/01/18 |
Bibliographical note
Publisher Copyright: Copyright © 2018 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved.
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
Keywords
- Architectural Decay
- Architecture Compliance Checking
- Architecture Conformance Checking
- Architecture Erosion
- Architecture Violations
- Privacy by Design
- Secure Software Architecture
- Security by Design
- Security Constraints
- Software Architecture