Software requirements and architecture modeling for evolving non-secure applications into secure applications

Science of Computer Programming

Volumn 66, Issue 1, 2007, Pages 60-70

  Shin, Michael E ^a   Gomaa, Hassan ^b  

^a Texas Tech University   (United States)

^b George Mason University   (United States)

Author keywords

Application system; Evolution; Security; Software architecture; Software requirements

Indexed keywords

ELECTRONIC COMMERCE; MATHEMATICAL MODELS; REQUIREMENTS ENGINEERING; SECURITY OF DATA; SOFTWARE ARCHITECTURE;

APPLICATION SYSTEM; DISTRIBUTED CONFIGURATIONS; SOFTWARE REQUIREMENTS;

COMPUTER SOFTWARE;

EID: 33947608669     PISSN: 01676423     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.scico.2006.10.009     Document Type: Article

References (28)

1. Alexander I. Misuse cases: Use cases with hostile intent. IEEE Software 20 1 (2003) 58-66
2. C. Bidan, V. Issarny, Security benefits from software architecture, in: Proceedings of the 2nd International Conference on Coordination Languages and Models, 1997, pp. 64-80
3. Booch G., Rumbaugh J., and Jacobson I. The Unified Modeling Language User Guide. 2nd ed. (2005), Addison-Wesley
4. Buschmann F., Meunier R., Rohnert H., and Sommerlad P. Pattern Oriented Software Architecture: A System of Patterns (1996), John Wiley & Sons
5. Deng Y., Wang J., Tsai J.J.P., and Beznosov K. An approach for modeling and analysis of security system architectures. IEEE Transactions on Knowledge and Data Engineering 15 5 (2003) 1099-1119
6. Ford W., and Baum M.S. Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption (1997), Prentice-Hall PRT
7. Gomaa H. Designing Concurrent, Distributed, and Real-Time Applications with UML (2000), Addison-Wesley
8. Gomaa H. Designing Software Product Lines with UML (2005), Addison-Wesley
9. Gomaa H., Menasce D., and Shin E. Reusable component interconnection patterns for distributed software architectures. Proceedings ACM Symposium on Software Reusability. May 2001 (2001), ACM Press, Toronto, Canada 69-77
10. H. Gomaa, M.E. Shin, Multiple-view meta-modeling of software product lines, in: The 8th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2002, December 2002, Maryland
11. H. Gomaa, M.E. Shin, Modeling complex systems by separating application and security concerns, in: The 9th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2004, April 2004, Italy
12. J. Jürjens, UMLsec: Extending UML for secure systems development, UML 2002, September 30-October 4, 2002, Dresden
13. Kristensen L.M., Christensen S., and Jensen K. The practitioner's guide to colored Petri nets. International Journal STTT 2 (1998) 98-132
14. T. Lodderstedt, D. Basin, J. Doser, SecureUML: A UML-based modeling language for model-driven security, in: The 5th International Conference on the Unified Modeling Language, September 30-October 4, Dresden, Germany, 2002
15. J. McDermott, C. Fox, Using abuse case models for security requirements analysis, in: Proc. of the 15th Annual Computer Security Application Conference, 1999, pp. 55-66
16. J.D. Moffett, C.B. Haley, B. Nuseibeh, Core Security Requirements Artefacts, Technical Report, The Open University, UK, 2004
17. R. Pettit, H. Gomaa, Modeling behavioral design patterns of concurrent objects, in: Proc. International Conference on Software Engineering, May 2006, Shanghai, China
18. Pfleeger C.P., and Pfleeger S.L. Security in Computing. 3rd ed. (2002), Prentice-Hall, Inc.
19. Ren J., Taylor R., Dourish P., and Redmiles D. Towards an architectural treatment of software security: A connector-centric approach. Software Engineering for Secure Systems. SESS05. ACM SIGSOFT Software Engineering Notes 30 4 (2005)
20. Rose Real Time, http://www-306.ibm.com/software/awdtools/developer/rose/, IBM, 2005
21. Rumbaugh J., Booch G., and Jacobson I. The Unified Modeling Language Reference Manual. 2nd ed. (2004), Addison-Wesley
22. Sandhu R.S., Coyne E.J., Feinstein H.L., and Youman C.E. Role-based access control models. IEEE Computer 29 2 (1996) 38-47
23. Shaw M., and Garlan D. Software Architecture: Perspectives on an Emerging Discipline (1996), Prentice-Hall
24. M.E. Shin, Evolution in multiple-view models in software product families, Ph.D. Dissertation, George Mason University, Fairfax, VA, 2002
25. Shin M.E., Levis A., Wagenhals L., and Kim D. Analyzing dynamic behavior of large-scale system through model transformation. International Journal of Software Engineering and Knowledge Engineering 15 1 (2005) 35-60
26. Sindre G., and Opdahl A.L. Eliciting security requirements with misuse cases. Requirements Engineering 10 1 (2005) 34-44
27. Sommerville I. Software Engineering. 7th ed. (2004), Addison-Wesley
28. T. Srivatanakul, J.A. Clark, F. Polack, Writing effective security abuse cases, Technical Report YCS-2004-375, University of York, 2004