Model-driven architectural risk analysis using architectural and contextualised attack patterns

This source preferred by Shamal Faily

Authors: Faily, S., Lyle, J., Namiluko, C., Atzeni, A. and Cameroni, C.

Journal: Proceedings of the Workshop on Model-Driven Security

Pages: 3:1-3:6

Publisher: ACM

This data was imported from DBLP:

Authors: Faily, S., Lyle, J., Namiluko, C., Atzeni, A.S. and Cameroni, C.

Journal: MDsec

Pages: 3

DOI: 10.1145/2422498.2422501

This data was imported from Scopus:

Authors: Faily, S., Lyle, J., Namiluko, C., Atzeni, A. and Cameroni, C.

Journal: Proceedings of the Workshop on Model-Driven Security, MDsec 2012

ISBN: 9781450318068

DOI: 10.1145/2422498.2422501

A secure system architecture is often based on a variety of design and security model elements. Without some way of evaluating the impact of these individual design elements in the face of possible attacks, design flaws may weaken a software architecture. This paper illustrates how architectural and contextualised attack patterns can be used to formalise the elements of architectural attacks and possible defences. We illustrate how these patterns, and tool-support building upon them, can be used to automate an architectural risk analysis process. We demonstrate this approach using an example from the EU FP7 webinos project. © 2012 ACM.

The data on this page was last updated at 04:42 on September 24, 2017.