 
|
|
|
カイヤ ハルヒコ
Kaiya Haruhiko 海谷 治彦 所属 神奈川大学 情報学部 計算機科学科 神奈川大学大学院 理学研究科 理学専攻(情報科学領域) 職種 教授 |
|
| 言語種別 | 英語 |
| 発行・発表の年月 | 2014/12 |
| 形態種別 | 学術雑誌 |
| 査読 | 査読あり |
| 標題 | Validating Security Design Pattern Applications by Testing Design Models |
| 執筆形態 | 共著 |
| 掲載誌名 | International Journal of Secure Software Engineering (IJSSE) |
| 出版社・発行元 | IGI-Global |
| 巻・号・頁 | 5(4),pp.1-30 |
| 担当範囲 | Pattern Design |
| 著者・共著者 | Takanori Kobashi and Nobukazu Yoshioka and Haruhiko Kaiya and Hironori Washizaki and Takano Okubo and Yoshiaki Fukazawa |
| 概要 | Software developers are not necessarily security experts, confirming potential threats and vulnerabilities at an early stage of the development process (e.g., in the requirement- and design-phase) is insufficient. Additionally, even if designed software considers security at an early stage, whether the software really satisfies the security requirements must be confirmed. To realize secure design, this work proposes an application to validate security patterns using model testing. Its method provides extended security patterns, which include requirement- and design-level patterns as well as a new model testing process using these patterns. After a developer specifies threats and vulnerabilities in the target system during an early stage of development, this method can validate whether the security patterns are properly applied and assess if these vulnerabilities are resolved. |
| DOI | 10.4018/ijsse.2014100101 |
Copyright © Kanagawa University. All Rights Reserved.