Today, security is still considered too late in the software engineering process. Architectural rules for security can support software architects and developers in consciously taking security into account during the design and implementation phases. They make it possible to monitor a software system’s security level. As a step towards monitoring and controlling the erosion of an architecture’s security specifications, we present a set of rules derived from well-known security building blocks such as patterns, along with our identification process. Through these rules we aim to support architects in monitoring the implementation’s conformance with security measures and, hence, in building secure software systems. The architectural security rules we identified are evaluated through expert interviews with industrial software engineers.
CITATION STYLE
Jasser, S. (2019). Constraining the Implementation Through Architectural Security Rules: An Expert Study. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11915 LNCS, pp. 203–219). Springer. https://doi.org/10.1007/978-3-030-35333-9_15