Identifying and Implementing Security Patterns for a Dependable Security Case -- From Security Patterns to D-Case
2013 IEEE 16th International Conference on Computational Science and Engineering (2013)
Sydney, Australia Australia
Dec. 3, 2013 to Dec. 5, 2013
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSE.2013.31
Today's software systems are facing new and complicated challenges in confronting with security issues. There are lots of security tools and methods that are being created and used within institutes and organizations in order to mitigate risk, threats and vulnerabilities to systems. However, the publicized information so far still has holes and limitations in postulating successful results. Results to issues such as to 'how to confront threats and vulnerabilities before they occur' and the 'how to present a case concerning the security of the system to its stakeholders through system assuredness.' (1) At the moment, without assurance case there is no way to tell that a system or software meets its requirements in terms of safety, reliability, availability, security and dependability. (2) This papers concern is with the aspect of security. In order for a software system to achieve an adequate level of security, we need security assurance case. (3) This paper also discusses how we classify and identify security patterns in relation to D-Case. This is then to be use as a mechanism for capturing and communicating future system attacks before they took place.
Security, Software, Conferences, Software engineering, Availability, Modeling
V. Patu and S. Yamamoto, "Identifying and Implementing Security Patterns for a Dependable Security Case -- From Security Patterns to D-Case," 2013 IEEE 16th International Conference on Computational Science and Engineering(CSE), Sydney, Australia Australia, 2013, pp. 138-142.