Title :
Towards a Practical Security Analysis Methodology
Author :
van den Berghe, Alexander
Author_Institution :
Dept. of Comput. Sci., KU Leuven, Leuven, Belgium
Abstract :
The research community has proposed numerous techniques to perform security-oriented analyses based on a software design model. Such a formal analysis can provide precise security guarantees to the software designer, and facilitate the discovery of subtle flaws. Nevertheless, using such techniques in practice poses a big challenge for the average software designer, due to the narrow scope of each technique, the heterogeneous set of modelling languages that are required, and the analysis results that are often hard to interpret. Within the course of our research, we intend to provide practitioners with an integrated, easy-to-use modelling and analysis environment that enables them to work on a broad range of common security concerns without leaving the software design´s level of abstraction.
Keywords :
security of data; software engineering; formal analysis; modelling languages; security analysis methodology; security guarantee; security-oriented analysis; software design model; software designabstraction level; Analytical models; Cryptography; Software design; Unified modeling language; Vocabulary;
Conference_Titel :
Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on
Conference_Location :
Florence
DOI :
10.1109/ICSE.2015.283
