论文信息 - Defining Viewpoints for Security Architectural Patterns

Defining Viewpoints for Security Architectural Patterns

For decades, the security community has undertaken detailed research into specific areas of security, while largely ignoring the design process. Software architecture has emerged as an important sub-discipline of software engineering, particularly in the realm of large system development. This paper describes how security architectural patterns lack of a comprehensive and complete well-structured documentation that conveys essential information of their logical structure, deployment-time, run-time behaviour, monitoring configuration, and so on. Thus we will propose a viewpoints model for describing security architectural patterns. We will investigate security architectural patterns from several IEEE 1471-2000 compliant viewpoints and develop an example that demonstrates how to describe a security architectural pattern with viewpoints. We will make use of well-known language notations such as UML to maximize

Mario Piattini | Eduardo Fernández-Medina | David G. Rosado | Carlos Gutiérrez

[1] David A. Basin,et al. SecureUML: A UML-Based Modeling Language for Model-Driven Security , 2002, UML.

[2] Jan Jürjens,et al. UMLsec: Extending UML for Secure Systems Development , 2002, UML.

[3] Paul Clements,et al. Software Architecture Documentation in Practice: Documenting Architectural Layers , 2000 .

[4] Philippe Krutchen,et al. Architectural blueprints--the '4+1' view model of software architecture , 1995 .

[5] Joseph W. Yoder,et al. Architectural Patterns for Enabling Application Security , 1998 .

[6] Alistair Cockburn,et al. Writing Effective Use Cases , 2000 .

[8] Jan Jürjens,et al. Sound development of secure service-based systems , 2004, ICSOC '04.

[9] Markus Schumacher,et al. Security Engineering with Patterns , 2003, Lecture Notes in Computer Science.

[10] Eoin Woods,et al. Software Systems Architecture: Working with Stakeholders Using Viewpoints and Perspectives , 2005 .

[11] Paul Clements,et al. Software Architecture in Practice: Addison-Wesley , 1998 .

[12] Richard Anthony,et al. Large-Scale Software Architecture: A Practical Guide using UML , 2002 .