论文信息 - Improving Security Architecture Development Based on Multiple Criteria Decision Making

Improving Security Architecture Development Based on Multiple Criteria Decision Making

This paper describes an effort to improve security architecture development of information systems based on the multiple criteria decision making (MCDM) techniques. First, we introduce the fundamental of MCDM, describe how the security architecture is developed and analyze the main problems in the development. Finally, this paper shows how the MCDM techniques were applied to solve two problems in security architecture development. And an approach which could assist in prioritizing threats and selecting security technologies is illustrated. The practices indicate that MCDM techniques are valuable in formulating and solving problems in security architecture development.

Fang Liu | Zhiying Wang | Kui Dai

[1] Patrick Donohoe. Software Architecture, TC2 First Working IFIP Conference on Software Architecture (WICSA1), 22-24 February 1999, San Antonio, Texas, USA , 1999, WICSA.

[2] Jacek Malczewski,et al. GIS and Multicriteria Decision Analysis , 1999 .

[3] F. Lootsma. Fuzzy Logic for Planning and Decision Making , 1997 .

[4] Ching-Lai Hwang,et al. Multiple attribute decision making : an introduction , 1995 .

[5] Christopher M. King,et al. Security Architecture: Design, Deployment and Operations , 2001 .

[6] Mark Klein,et al. Quantifying the costs and benefits of architectural decisions , 2001, Proceedings of the 23rd International Conference on Software Engineering. ICSE 2001.

[7] Shawn A. Butler,et al. Security Attribute Evaluation Method , 2003 .