Measuring the interplay of security principles in software architectures

Buyens, Koen; Scandariato, Riccardo; Joosen, Wouter

Measuring the interplay of security principles in software architectures

Publikationstyp

Conference Paper

Publikationsdatum

2009-10

Sprache

English

Author

Buyens, Koen

Scandariato, Riccardo

Joosen, Wouter

TORE-URI

http://hdl.handle.net/11420/14988

Start Page

554

End Page

563

Article Number

5315968

Citation

3rd International Symposium on Empirical Software Engineering and Measurement, ESEM 2009: 5315968, 554-563 (2009-12-28)

Contribution to Conference

3rd International Symposium on Empirical Software Engineering and Measurement, ESEM 2009

Publisher DOI

10.1109/ESEM.2009.5315968

Scopus ID

2-s2.0-72449210147

Publisher

IEEE

Security principles like least privilege and attack surface reduction play an important role in the architectural phase of security engineering processes. However, the interplay between these principles and the side effects of the application of these secure design strategies on architectural qualities like maintainability have not been studied so far. Therefore it is hard to make informed trade-off decisions between security principles and between security and other qualities. This paper tackles this problem from a quantitative perspective by presenting the experimental results in the context of three case studies.

DDC Class

004: Informatik

Options

Measuring the interplay of security principles in software architectures