Options
Does organizing security patterns focus architectural choices?
Publikationstyp
Conference Paper
Date Issued
2012-06
Sprache
English
Author(s)
Start Page
617
End Page
627
Article Number
6227155
Citation
Proceedings - 34th International Conference on Software Engineering: 6227155, 617-627 (2012-07-30)
Contribution to Conference
Publisher DOI
Scopus ID
Publisher
IEEE
Security patterns can be a valuable vehicle to design secure software. Several proposals have been advanced to improve the usability of security patterns. They often describe extra annotations to be included in the pattern documentation. This paper presents an empirical study that validates whether those proposals provide any real benefit for software architects. A controlled experiment has been executed with 90 master students, who have performed several design tasks involving the hardening of a software architecture via security patterns. The results show that annotations produce benefits in terms of a reduced number of alternatives that need to be considered during the selection of a suitable pattern. However, they do not reduce the time spent in the selection process.
Subjects
experiment
secure software engineering
security patterns
software architecture
DDC Class
004: Informatik