首页    期刊浏览 2024年11月27日 星期三
登录注册

文章基本信息

  • 标题:Analyzing Security Aspects during Software Design Phase using Attack-based Analysis Model
  • 本地全文:下载
  • 作者:Saman Hedayatpour ; Nazri Kama ; Suriayati Chuprat
  • 期刊名称:International Journal of Software Engineering and Its Applications
  • 印刷版ISSN:1738-9984
  • 出版年度:2014
  • 卷号:8
  • 期号:3
  • 页码:143-156
  • DOI:10.14257/ijseia.2014.8.3.14
  • 出版社:SERSC
  • 摘要:In recent years, concentration on software design phase for evaluating security into the developing software increased where the cost of fixing errors in design level is several times less than the cost of fixing errors in the coding or implementation levels. One of the main challenges in facing current models that evaluate security into the software design phase refers to the need for existence of security experts to analyze the system from a security angle of view while this additional task makes the project more costly and lengthy. In this work we address this problem by defining a method for using known attacks' and threats' properties and behaviors instead of using a drawn misuse case for assessing potential risks in the developing software. The main contribution of this work refers to defining a model for analyzing security aspects into the software design phase while additional cost and time are not required for system analyzing by security experts.
  • 关键词:Secure software; software design; software threats; security analysis
国家哲学社会科学文献中心版权所有