• DocumentCode
    1638182
  • Title

    Towards a Practical Security Analysis Methodology

  • Author

    van den Berghe, Alexander

  • Author_Institution
    Dept. of Comput. Sci., KU Leuven, Leuven, Belgium
  • Volume
    2
  • fYear
    2015
  • Firstpage
    883
  • Lastpage
    886
  • Abstract
    The research community has proposed numerous techniques to perform security-oriented analyses based on a software design model. Such a formal analysis can provide precise security guarantees to the software designer, and facilitate the discovery of subtle flaws. Nevertheless, using such techniques in practice poses a big challenge for the average software designer, due to the narrow scope of each technique, the heterogeneous set of modelling languages that are required, and the analysis results that are often hard to interpret. Within the course of our research, we intend to provide practitioners with an integrated, easy-to-use modelling and analysis environment that enables them to work on a broad range of common security concerns without leaving the software design´s level of abstraction.
  • Keywords
    security of data; software engineering; formal analysis; modelling languages; security analysis methodology; security guarantee; security-oriented analysis; software design model; software designabstraction level; Analytical models; Cryptography; Software design; Unified modeling language; Vocabulary;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on
  • Conference_Location
    Florence
  • Type

    conf

  • DOI
    10.1109/ICSE.2015.283
  • Filename
    7203105
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1638182