Skip to Main content Skip to Navigation
Conference papers

An Asset-Based Assistance for Secure by Design

Abstract : With the growing numbers of security attacks causing more and more serious damages in software systems, security cannot be added as an afterthought in software development. It has to be built in from the early development phases such as requirement and design. The role responsible for designing a software system is termed an "architect", knowledgeable about the system architecture design, but not always well-trained in security. Moreover, involving other security experts into the system design is not always possible due to time-to-market and budget constraints. To address these challenges, we propose to define an asset-based security assistance in this paper, to help architects design secure systems even if these architects have limited knowledge in security. This assistance helps alert threats, and integrate the security controls over vulnerable parts of system into the architecture model. The central concept enabling this assistance is that of asset. We apply our proposal on a telemonitoring case study to show that automating such an assistance is feasible.
Document type :
Conference papers
Complete list of metadatas

Cited literature [33 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02990897
Contributor : Nicolas Belloir <>
Submitted on : Thursday, November 5, 2020 - 5:37:24 PM
Last modification on : Monday, November 23, 2020 - 10:37:38 AM

File

APSEC_2020_paper_96-versionSou...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02990897, version 1

Citation

Nicolas Belloir, Nan Messe, Vanea Chiprianov, Jamal El-Hachem, Régis Fleurquin, et al.. An Asset-Based Assistance for Secure by Design. APSEC 2020 - 27th Asia-Pacific Software Engineering Conference, Dec 2020, Singapore, Singapore. pp.1-10. ⟨hal-02990897⟩

Share

Metrics

Record views

156

Files downloads

31