Assessing and improving the quality of security methodologies for distributed systems

Security methodologies are systematic approaches for introducing security attributes into a system throughout its development lifecycle. While isolated attempts have been made to demonstrate the value of particular security methodologies, the "quality" of security methodologies as such has never been given due consideration; indeed, it has never been studied as a self-standing topic. The literature therefore lacks supporting artifacts that could provide a basis for assessing, and hence for improving, a security methodology's quality. In this paper, we fill this gap by proposing a comprehensive quality framework and an accompanying process, situated within an existing approach to engineering security methodologies, which can be used both for (bottom-up) quality assessment and for (top-down) quality improvement. The main framework elements can be extended and customized so that an essentially arbitrary range of methodology features can be considered, forming a basis for flexible, fine-grained quality control. We demonstrate the bottom-up application of this framework and process on three real-life security methodologies for distributed systems, taken as case studies. Based on the assessment results, we then show in detail (for one of the case studies) and discuss briefly (for the remaining two) how the methodologies can be re-engineered to improve their quality.
