Data-Driven Selection of Security Application Frameworks During Architectural Design

Abstract: The selection of application frameworks is an important aspect of architectural design. Selection often requires satisficing, that is, searching a potentially large space of design alternatives until an acceptable solution is found. There is, however, little help for architects in selecting software frameworks. In this paper we investigate the criteria used by practicing software architects in selecting security frameworks. We also propose how information associated with some of the criteria that are important to architects can be obtained manually or in an automated way from online sources such as GitHub. Our ultimate goal is to identify measures associated with these criteria that can be helpful in providing support for architects to select software frameworks.
