SATURN2015 has ended
View analytic
Thursday, April 30 • 2:00pm - 2:30pm
The Architectural Analysis for Security (AAFS) Method

Sign up or log in to save this to your schedule and see who's attending!

Security is a quality attribute that has both architectural and coding implications—it is necessary to get both right to create and maintain secure systems. But most of the existing research on making systems secure has focused on coding, and there is little direction or insight into how to create a secure architecture. In this talk we propose several ways to analyze and evaluate the security readiness of an architecture: vulnerability-based (VoAA), tactics-based (ToAA), and pattern-based architectural analysis (PoAA) techniques. We first compare the strengths and weaknesses of each approach. Next, we show that these different approaches are complementary to each other. Finally, we describe how to combine these analysis techniques in a single analysis method to obtain the best outcomes. We employ our blended analysis technique in a case study to demonstrate the feasibility of our architectural-security analysis method.

avatar for Rick Kazman

Rick Kazman

University of Hawaii and Carnegie Mellon Software Engineering Institute
Dr. Rick Kazman is a professor at the University of Hawaii and a research scientist at the Software Engineering Institute. His primary research interests are software architecture, design and analysis tools, software visualization, and software engineering economics. He is the author... Read More →
avatar for Jungwoo Ryoo

Jungwoo Ryoo

Pennsylvania State University
Jungwoo Ryoo is an associate professor and chair of the Information Sciences and Technology (IST) Department at the Pennsylvania State University–Altoona. Ryoo is also a graduate and affiliated faculty member of the college of IST. He is a technical editor for IEEE Communications... Read More →

Thursday April 30, 2015 2:00pm - 2:30pm
3. Salon E

Attendees (0)