2006 | OriginalPaper | Chapter
Quantitative Evaluation of Systems with Security Patterns Using a Fuzzy Approach
Authors : Spyros T. Halkidis, Alexander Chatzigeorgiou, George Stephanides
Published in: On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
The importance of Software Security has been evident, since it has been shown that most attacks to software systems are based on vulnerabilities caused by software poorly designed and developed. Furthermore, it has been discovered that it is desirable to embed security already at design phase. Therefore, patterns aiming at enhancing the security of a software system, called security patterns, have been suggested. The main target of this paper is to propose a mathematical model, based on fuzzy set theory, in order to quantify the security characteristics of systems using security patterns. In order to achieve this we first determine experimentally to what extent specific security patterns enhance several security aspects of systems. To determine this, we have developed two systems, one without security patterns and one containing them and have experimentally determined the level of the higher robustness to attacks of the latter. The proposed mathematical model follows.