Title :
Architecture Security Evaluation Method Based on Security of the Components
Author :
Changxiao Du ; Xiaohong Li ; Hong Shi ; Jing Hu ; Ruitao Feng ; Zhiyong Feng
Author_Institution :
Dept. of Comput. Sci. & Technol., Tianjin Univ., Tianjin, China
Abstract :
This paper presents a quantitative architecture security evaluation method to identify potential risks of an architecture. The method is based on security of the architecture components. In this method, components of the architecture are classified and their security measures are identified according to component function and architecture level. Then, an integration process applies analytic hierarchy process (AHP) and fuzzy evaluation analysis to determine quantitative and qualitative factors in evaluating the security of components. These factors are used to obtain security conclusions of the architecture. The experiment shows that the method not only improves efficiency of the evaluation, but also makes security evaluation process more objective and accurate.
Keywords :
analytic hierarchy process; fuzzy set theory; object-oriented programming; safety-critical software; software architecture; AHP; analytic hierarchy process; architecture level; component function; efficiency improvement; fuzzy evaluation analysis; integration process; qualitative factors; quantitative architecture security evaluation method; quantitative factors; risk identification; security measures; Access control; Authentication; Business; Computer architecture; Encryption; Vectors; AHP; Fuzzy evaluation analysis; architecture; component; security evaluation;
Conference_Titel :
Software Engineering Conference (APSEC), 2013 20th Asia-Pacific
Conference_Location :
Bangkok
Print_ISBN :
978-1-4799-2143-0
DOI :
10.1109/APSEC.2013.75
