A Service-Oriented Framework for Quantitative Security Analysis of Software Architectures

Free registration required

Executive Summary

Software systems today often run in malicious environments in which attacks or intrusions are quite common. This situation has brought security concerns into the development of software systems. Generally, software services are expected not only to satisfy functional requirements but also to be resistant to malicious attacks. Software attackability is defined as the likelihood that an attack on a software system will succeed. This paper presents a service-oriented framework to analyze attackability of software systems. More specifically, the paper proposes a User System Interaction Effect (USIE) model that can be used systematically to derive and analyze security concerns from service-oriented software architectures.

  • Format: PDF
  • Size: 392.3 KB