Abstract

Recent security breaches show the need to secure large, distributed, complex systems. A fundamental, but little discussed aspect of security is how to evaluate when a complete system is secure. Purely formal methods cannot handle this level of complexity. Code checking does not consider the interaction of separate modules working together and is hard to scale. Model-based approaches, such as patterns and problem frames, can be effective for handling large systems. Their use in evaluating security appears promising. A few works in this direction exist, but there is a need for more ideas. This Special Issue focuses on global, model-based, architectural, and systems-oriented evaluation methods.

Highlights

  • Introduction to the Special Issue onEvaluating the Security of Complex Systems AbstractRecent security breaches show the need to secure large, distributed, complex systems

  • There are several reasons for this but one of the most important is that there are no evaluations of the security of the systems built using security patterns

  • We have found very few papers attempting to evaluate security, not just in systems using patterns, but on any other type of system [1,2,3,4]. This is especially paradoxical for systems built with security patterns since, as we discussed in our previous works [2,5], patterns provide a reference to perform this evaluation by analyzing if the patterns provide a way to control the identified threats or as a basis for proofs

Read more

Summary

Introduction

Introduction to the Special Issue onEvaluating the Security of Complex Systems AbstractRecent security breaches show the need to secure large, distributed, complex systems. There are several reasons for this but one of the most important is that there are no evaluations of the security of the systems built using security patterns. We have found very few papers attempting to evaluate security, not just in systems using patterns, but on any other type of system [1,2,3,4]. This is especially paradoxical for systems built with security patterns since, as we discussed in our previous works [2,5], patterns provide a reference to perform this evaluation by analyzing if the patterns provide a way to control the identified threats or as a basis for proofs.

Results
Conclusion
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.