Title :
Security Modeling and Tool Support Advantages
Author :
Baadshaug, Egil Trygve ; Erdogan, Gencer ; Meland, Per Håkon
Author_Institution :
Norwegian Univ. of Sci. & Technol., Trondheim, Norway
Abstract :
Security modeling is an important part of software security, especially when it comes to making security knowledge more easily accessible. The purpose of this paper is to give an overview of some of the current approaches to graphical security modeling and present an initial study related to benefits of tool support.Our working hypothesis is that specialized security modeling tools will substantially outperform more general, prevailing tools, and we have sought indications of evidence for this claim. The study consisted of the following steps; (1) Investigate state-of-the-art security modeling formalisms and tools, (2) Select a security modeling formalism for further analysis and implement dedicated tool support for it, (3) Perform testing related to usability and performance aspects, comparing the tool to a general purpose drawing/modeling tool, and (4) Compare and analyze the results. The study included ten test subjects with a similar background and education, and we got clear indications that our hypothesis is valid.
Keywords :
security of data; software tools; graphical security modeling; security modeling formalism; software security; tool support; Availability; Books; Performance analysis; Performance evaluation; Programming; Security; Software tools; Testing; Tree graphs; Usability; experimental study; security modeling; tool support;
Conference_Titel :
Availability, Reliability, and Security, 2010. ARES '10 International Conference on
Conference_Location :
Krakow
Print_ISBN :
978-1-4244-5879-0
DOI :
10.1109/ARES.2010.11
