Architectural Risk Analysis of Software Systems Based on Security Patterns
July-September 2008 (vol. 5 no. 3)
pp. 129-142
The importance of software security has been profound, since most attacks on software systems are based on vulnerabilities caused by poorly designed and developed software. Furthermore, the enforcement of security in software systems at the design phase can reduce the high cost and effort associated with the introduction of security during implementation. For this purpose, security patterns that offer security at the architectural level have been proposed, in analogy to the well-known design patterns. The main goal of this paper is to perform risk analysis of software systems based on the security patterns they contain. The first step is to determine to what extent specific security patterns shield from known attacks. This information is fed to a mathematical model based on fuzzy set theory and fuzzy fault trees in order to compute the risk for each category of attacks. The whole process has been automated using a methodology that extracts the risk of a software system by reading the class diagram of the system under study.

Index Terms:
Security, Risk management, Patterns, Software Architectures
Spyros T. Halkidis, Nikolaos Tsantalis, Alexander Chatzigeorgiou, George Stephanides, "Architectural Risk Analysis of Software Systems Based on Security Patterns," IEEE Transactions on Dependable and Secure Computing, vol. 5, no. 3, pp. 129-142, July-Sept. 2008, doi:10.1109/TDSC.2007.70240