Sciweavers

DBSEC
2006

Aspect-Oriented Risk Driven Development of Secure Applications

14 years 1 months ago
Aspect-Oriented Risk Driven Development of Secure Applications
Abstract. Security breaches seldom occur because of faulty security mechanisms. Often times, security mechanisms are incorrectly incorporated in an application which allows them to be bypassed resulting in a security breach. Methodologies are needed for incorporating security mechanisms in an application and assessing whether the resulting system is indeed secure. We propose one such methodology for designing secure applications. We begin by identifying the assets in the application that need protection. We then find the kinds of attacks that are typical for such applications. We show how to evaluate the application against such attacks. If the results are unacceptable, that is, they pose a high security risk, then some security mechanism must be incorporated into the application. We illustrate how this can be done and show how the resulting system can be evaluated to give assurance that it is resilient to the given attack.
Geri Georg, Siv Hilde Houmb, Indrakshi Ray
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2006
Where DBSEC
Authors Geri Georg, Siv Hilde Houmb, Indrakshi Ray
Comments (0)