University of Limerick Institutional Repository

Assessment of a framework for designing and evaluating security sensitive architecture

DSpace Repository

Show simple item record

dc.contributor.author Ali Babar, Muhammad
dc.date.accessioned 2012-03-20T15:13:48Z
dc.date.available 2012-03-20T15:13:48Z
dc.date.issued 2008
dc.identifier.uri http://hdl.handle.net/10344/2106
dc.description peer-reviewed en_US
dc.description.abstract Background: We have developed an Architectural Level Security Analysis Framework (ALSAF), which can be used to consider and address security related issues at software architecture level. Goal: Our goal was to empirically assess the usefulness of ALSAF for identifying security attributes and security design patterns for satisfying those attributes during architecture design and evaluation. Assessment approach: The reported assessment was performed with one pilot study and one Quasiexperiment. In the main study, there were 19 software development professionals who participated in the study after attending a training course. The participants were required to identify security attributes and security design patterns suitable for achieving those attributes based on a given list of security properties. One group (control group) was given the textual description of security patterns, attributes, and properties, the other group (treatment group) was given ALSAF as well as the document provided to the control group. The outcome variables were security attributes and security patterns for a web-based system, whose requirements were provided to the participants. Result: The average score for identifying security attributes for the treatment group was 4.56 and for the control group was 2.60. The difference between the groups was significant using Mann-Whiney test (p=0.011). The average score for identifying the security patterns for the treatment group was 5.78 and for the control group was 2.8. Mann-Whitney test revealed that the difference between the groups was again significant at (p=0.022). Post-study questionnaire revealed that majority of the participants were convinced of the usefulness of ALSAF in identifying and understanding the relationships between security attributes, properties, and patterns for supporting architectural level security analysis. Conclusion: The findings provide an initial evidence to support the claim of the usefulness of ALSAF for supporting security sensitive analysis during architecture design and evaluation. en_US
dc.language.iso eng en_US
dc.relation.ispartofseries 12th Interntaional Conference on Evaluation and Assessment in Software Engineering;2008
dc.subject software architecture evaluation en_US
dc.subject security attributes en_US
dc.subject technology assessment en_US
dc.subject empirical studies en_US
dc.title Assessment of a framework for designing and evaluating security sensitive architecture en_US
dc.type Conference item en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.type.restriction none en
dc.contributor.sponsor SFI
dc.relation.projectid 03/CE2/I303_1
dc.internal.authorcontactother malibaba@lero.ie


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Browse

My Account

Statistics