Imagem da capa

Security Pattern Detection in Software Architectures

Na minha lista:
Publicado no:ProQuest Dissertations and Theses (2025)
Autor principal: Alvi, Aleem Khalid
Publicado em:
ProQuest Dissertations & Theses
Assuntos:
Accuracy
Dictionaries
Usability
Design of experiments
Software development
Collaboration
Quality control
Automation
Objectives
Feedback
Access control
Product design
Case studies
Operating systems
Quality standards
Classification
Semantic analysis
Taxonomy
Algorithms
Classification schemes
Automatic text analysis
Architects
Software engineering
Semantics
Computer science
Acesso em linha:Citation/Abstract
Full Text - PDF
Tags: Adicionar Tag
Sem tags, seja o primeiro a adicionar uma tag!
Resumo:Software design patterns help simplify large-scale software development by offering reusable solutions to common design challenges. Similarly, security patterns serve as reusable architectural solutions to recurring security problems and are essential for embedding robust security mechanisms in software systems. These patterns act as best practices for mitigating vulnerabilities and form crucial components in secure system design. However, applying security patterns can be error-prone. Several issues, including misused, omitted, or incorrectly implemented components, can leave systems vulnerable to attacks. To combat these shortcomings, detection techniques have emerged to identify when security patterns are missing, improperly used, or deviate from standard practice. While many methods exist for identifying general design patterns, only a handful specifically target security patterns. This thesis presents a generic security pattern detection framework that can employ various matrix-based matching techniques. The thesis first identifies the challenge of selecting appropriate security patterns through a systematic analysis of existing classification schemes. It proposes a novel classification framework aligned with the phases of the software development lifecycle. The framework uniquely incorporates security flaws by mapping security objectives to the requirements phase, security properties to the design phase, and attack patterns to the implementation phase. This process is enabling targeted and context-aware pattern selection. Building on this classification, the thesis introduces a Security Pattern Detection (SPD)framework to identify the presence or absence of security patterns within software systems through three core processes: system data extraction, pattern matching, and semantic validation. The SPD framework features three matrix-based matching techniques: Ordered Matrix Matching (OMM), which identifies complete pattern structures through ordered relationships; Non-Uniform Distributed Matrix Matching(NDMM), which detects partial or irregular implementations via class relationship similarity; and Diagonally Distributed Matrix Matching (DDMM), which uses diagonal matrix traversal for efficient detection in large-scale systems. The framework’s effectiveness is validated through experiments on multiple software systems, demonstrating high detection accuracy, zero false positives, and efficient resource usage. Among these, NDMM shows superior adaptability and precision, particularly in heterogeneous environments. Collectively, this research offers a unified approach to strategic classification and reliable detection of security patterns, significantly enhancing security assurance in software engineering.
ISBN:9798270205263
Fonte:ProQuest Dissertations & Theses Global