Engineering Security into Distributed Systems: A Survey of Methodologies

Rapid technological advances in recent years have precipitated a general shift towards software distribution as a central computing paradigm. This has been accompanied by a corresponding increase in the dangers of security breaches, often causing security attributes to become an inhibiting factor for use and adoption. Despite the acknowledged importance of security, especially in the context of open and collaborative environments, there is a growing gap in the survey literature relating to systematic approaches (methodologies) for engineering secure distributed systems. In this paper, we attempt to fill the aforementioned gap by surveying and critically analyzing the state of the art in security methodologies based on some form of abstract modeling (i.e., model-based methodologies) for, or applicable to, distributed systems. Our detailed reviews can be seen as a step towards increasing awareness and appreciation of a range of methodologies, allowing researchers and industry stakeholders to gain a comprehensive view of the field and make informed decisions. Following the comprehensive survey, we propose a number of criteria reflecting the characteristics security methodologies should possess to be adopted in real-life industry scenarios, and evaluate each methodology accordingly. Our results highlight a number of areas for improvement, help to qualify adoption risks, and indicate future research directions.
