Home // ICIW 2012, The Seventh International Conference on Internet and Web Applications and Services // View article

Towards a Reuse-oriented Security Engineering for Web-based Applications and Services

Authors:
Aleksander Dikanski
Sebastian Abeck

Keywords: security engineering, software development, security patterns, service-orientation

Abstract:
Security should be considered throughout a software development process to develop secure applications. This security engineering effort is restricted due to the complexity and diffusion of todays security knowledge. Approaches, such as misuse cases for threat specification and patterns for security functionality modeling, try to use and integrate security into software development, but their combined use is still difficult. In this paper a framework for developing secure software systems is presented, which aims at incorporating and unifying existing security engineering approaches by applying well-established reuse-oriented software development paradigms, such as service-orientation. The security-related activities and reusable artifacts of important development phases are discussed and the mapping of artifacts between different development phases is presented.

Pages: 282 to 285

Copyright: Copyright (c) IARIA, 2012

Publication date: May 27, 2012

Published in: conference

ISSN: 2308-3972

ISBN: 978-1-61208-200-4

Location: Stuttgart, Germany

Dates: from May 27, 2012 to June 1, 2012