Evaluating Security Properties of Architectures in Unpredictable Environments: A Case for Cloud

Faniyi, Funmilade; Bahsoon, Rami; Evans, Andy; Kazman, Rick

doi:10.1109/wicsa.2011.25

Cited by 21 publications

(19 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It provides a well structured procedure to evaluate an architecture's fitness taking into account a set of non-dominant quality attributes (in the sense that improving one attribute will implicitly worsen another). ATAM has been successfully used for analysing software architectures in cloud computing [30], with a special focus on the security aspect [13], for investigating the design of service-oriented systems for serious games [8] as well as a starting point for bespoke approaches considering the impact of uncertainty on software requirements and architectures [29], the importance of enterprise information systems availability [33] or the sustainability of software architectures [50]. When applied to the Aviator domain, ATAM enabled the identification and management of the following factors.…”

Section: Aviator Architecture Evaluationmentioning

confidence: 99%

An architecture for the autonomic curation of crowdsourced knowledge

et al. 2017

View full text Add to dashboard Cite

Human knowledge curators are intrinsically better than their digital counterparts at providing relevant answers to queries. That is mainly due to the fact that an experienced biological brain will account for relevant community expertise as well as exploit the underlying connections between knowledge pieces when offering suggestions pertinent to a specific question, whereas most automated database managers will not. We address this problem by proposing an architecture for the autonomic curation of crowdsourced knowledge, that is underpinned by semantic technologies. The architecture is instantiated in the career data domain, thus yielding Aviator, a collaborative platform capable of producing complete, intuitive and relevant answers to career related queries, in a time effective manner. In addition to pro- The Good Careers Guide, London, UK viding numeric and use case based evidence to support these research claims, this extended work also contains a detailed architectural analysis of Aviator to outline its suitability for automatically curating knowledge to a high standard of quality.

show abstract

Section: Aviator Architecture Evaluationmentioning

confidence: 99%

An architecture for the autonomic curation of crowdsourced knowledge

et al. 2017

View full text Add to dashboard Cite

show abstract

“…An example of a design vulnerability from a recent case study [53] allowed ciphered text to be accessible to the user to provide a sense of data security. This was identified to be a major design vulnerability, as it permits the user to cryptanalyse the ciphered text to identify the cryptographic key used during encryption.…”

Section: Chapter 3 Requirements For Security Testing 33 Design-spementioning

confidence: 99%

“…The application also aimed at soliciting an unbiased view of the approach's potential when applied by a industrial-party architecture team (comprised of two senior architects, an MSC student and 2 developers). The results of this stage were published in [53]. We built on the results of the first stage to evaluate the adaptivity of an IS approach in which we added more functionality.…”

Section: Case Study 2: Cloud Applicationmentioning

confidence: 99%

“…The purpose of the case study was to develop a secure architecture that interfaced between a bank and the cloud environment as a means of provisioning risk management services related to the bank's business [53].…”

Section: Industrial Cloud Case Study Backgroundmentioning

confidence: 99%

“…The first ISs detected corresponded to the case in which the client makes a web service call to encrypt a sensitive field value but an attacker is able to manipulate the web service to perform a decryption Figure 6.6 IS attack reported by Funmilade et al [53].…”

Section: Stage 1: Industrial-party Case Studymentioning

confidence: 99%

See 2 more Smart Citations

Architecture-Centric Testing for Security

Al-Azzani

2014

Agile Software Architecture

Self Cite

View full text Add to dashboard Cite

This thesis presents a novel architecture-centric approach, which uses Implied Scenarios (IS) to detect design-vulnerabilities in the software architecture. It reviews security testing approaches, and draws on their limitations in addressing unpredictable behaviour in the face of evolution. The thesis introduces the concept of Security IS as unanticipated architecture. The refinement is test-driven and incremental, where refinements are tested before they are committed. The thesis also presents SecArch, an extension to the IS approach to enhance its search-space to detect hidden race conditions. It is concerned with predicting further valid conditions in the face of real parallelism in distributed systems with respect to non-FIFO queues.The thesis reports on the applications of the proposed approach and its extension to three case studies for testing the security of distributed and cloud architectures in the presence of uncertainty in the operating environment, unpredictability of interaction and possible security IS. The applications demonstrate novelty in the way security testing addresses emergent behaviour in applications which are characterised with dynamism, heterogeneity, openness, scale and unpredictability in operation and their evolution trends.We have drawn on these case studies to evaluate the thesis.

show abstract

Model-based security testing: a taxonomy and systematic classification

Felderer

Zech

Breu

et al. 2015

Softw. Test. Verif. Reliab.

View full text Add to dashboard Cite

Model-based security testing relies on models to test whether a software system meets its security requirements. It is an active research field of high relevance for industrial applications, with many approaches and notable results published in recent years. This article provides a taxonomy for model-based security testing approaches. It comprises filter criteria (i.e. model of system security, security model of the environment and explicit test selection criteria) as well as evidence criteria (i.e. maturity of evaluated system, evidence measures and evidence level). The taxonomy is based on a comprehensive analysis of existing classification schemes for model-based testing and security testing. To demonstrate its adequacy, 119 publications on model-based security testing are systematically extracted from the five most relevant digital libraries by three researchers and classified according to the defined filter and evidence criteria. On the basis of the classified publications, the article provides an overview of the state of the art in model-based security testing and discusses promising research directions with regard to security properties, coverage criteria and the feasibility and return on investment of model-based security testing. 120 M. FELDERER ET AL. 9126 [4] defining security as a functional quality characteristic. However, it seems desirable that security testing directly targets the previous security properties, as opposed to taking the detour of functional tests of security mechanisms. This view is supported by the ISO/IEC 25010 [2] standard that revises ISO/IEC 9126 and introduces security as a new quality characteristic that is not included in the characteristic functionality any more.Because the former kind of (non-functional) security properties describes all executions of a system, this kind of security testing is intrinsically hard. Because testing cannot show the absence of faults, an immediately useful perspective directly considers the violation of these properties. This has resulted in the development of specific testing techniques such as penetration testing that simulates attacks to exploit vulnerabilities. Penetration tests are difficult to craft because tests often do not directly cause observable security exploits, and because the testers must think like an attacker [5], which requires specific expertise. During penetration testing, testers build a mental model of security properties, security mechanisms and possible attacks against the system and its environment. It seems intuitive that security testing can benefit from specifying these security test models in an explicit and processable way. Security test models provide guidance for the systematic and effective specification and documentation of security test objectives and security test cases, as well as for their automated generation and evaluation.The variant of testing that relies on explicit models that encode information on the system under test and/or its environment is called model-based testing (MBT) [6,7]. Especially in ...

show abstract

Evaluating Security Properties of Architectures in Unpredictable Environments: A Case for Cloud

Cited by 21 publications

References 19 publications

An architecture for the autonomic curation of crowdsourced knowledge

An architecture for the autonomic curation of crowdsourced knowledge

Architecture-Centric Testing for Security

Model-based security testing: a taxonomy and systematic classification

Contact Info

Product

Resources

About