Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
An Analytical Security Model for Existing Software Systems
Download
index.pdf
Date
2014-03-01
Author
Isazadeh, Ayaz
Elgedawy, Islam
Karimpour, Jaber
Izadkhah, Habib
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
63
views
0
downloads
Cite This
Nowadays, evaluation of software security, as one of the important quality attributes, is of paramount importance. There are many software systems have not considered security in their design; this makes them vulnerable to security risks. Architecture is the most important consideration in software design that affects final quality of software. Quality attributes such as efficiency and reliability have been studied at software architecture level; however, no report has ever been provided about the effect of software architecture on security. The purpose of this paper is to propose a mathematical-based method for evaluating and quantifying software security using the coupling aspects of the software architecture. To achieve this goal, first, we show the relationship between coupling types and vulnerability using an empirical-based software engineering technique that adopts Mozilla Firefox Browser vulnerability data. Then, we propose a mathematical weighted relationship between coupling types and vulnerability, where regression statistical analysis and Mozilla Firefox vulnerability data are used to predicate the relationship coefficients. Finally, we extract software architecture using DAGC tool and then convert the extracted architecture into Discrete Time Markov chains, which are used to predict and compute the system over all vulnerability.
Subject Keywords
Security
,
Software Architecture
,
Mozilla Firefox Browser
,
Markov chains
URI
https://hdl.handle.net/11511/67692
Journal
APPLIED MATHEMATICS & INFORMATION SCIENCES
DOI
https://doi.org/10.12785/amis/080228
Collections
Engineering, Article
Suggestions
OpenMETU
Core
A process modeling based method for identification and implementation of software development tool integration-tuples
Ertürkmen, K. Alpay; Demirörs, Onur; Department of Information Systems (2010)
Software development is highly dependent on the use of tools. These tools support and automate activities performed in different sub-domains of software development. However, they don‘t adequately provide or support integration facilities, and act as ―islands of automation‖. This restricts their benefits to only specific parts of the process. To reap the benefits of integration, this thesis provides a process modeling based method named PLETIN to identify and implement software development tool integration-...
An Ontology based approach to requirements reuse problem in software product lines
Karataş, Elif Kamer; Birtürk, Ayşenur; Department of Computer Engineering (2012)
With new paradigms in software engineering such as Software Product Lines, scope of reuse is enlarged from implementation upto design, requirements, test-cases, etc. In this thesis an ontology-based approach is proposed as a solution to systematic requirement reuse problem in software product lines, and the approach is supported with a reuse automation tool. A case study is performed on the projects of an industrial software product line using hereby proposed solution and then based on the evaluated metrics...
A metrics-based approach to the testing process and testability of object-oriented software systems
Yurga, Tolga; Doğru, Ali Hikmet; Department of Information Systems (2009)
This dissertation investigates the factors that affect testability and testing cost of object- oriented software systems. Developing a software program which eases the testing process by increasing testability is crucial. Also, to assess whether or not the testing effort and cost consumed or planned is adequate or not is another critical matter this dissertation aims to answer by composing a new way to evaluate the links between software design parameters and testing effort via source-based metrics. An auto...
A method for product defectiveness prediction by using process enactment data in a small software organization
Sivrioğlu, Damla; Demirörs, Onur; Tarhan, Ayça; Department of Information Systems (2012)
As a part of the quality management, product defectiveness prediction is vital for small software organizations as for instutional ones. Although for defect prediction there have been conducted a lot of studies, process enactment data cannot be used because of the difficulty of collection. Additionally, there is no proposed approach known in general for the analysis of process enactment data in software engineering. In this study, we developed a method to show the applicability of process enactment data for...
A framework for qualitative assessment of domain-specific languages
Kahraman, Gokhan; Bilgen, Semih (Springer Science and Business Media LLC, 2015-10-01)
Domain-specific languages (DSLs) are used for improving many facets of software development, but whether and to what extent this aim is achieved is an important issue that must be addressed. This paper presents a proposal for a Framework for Qualitative Assessment of DSLs (FQAD). FQAD is used for determining the perspective of the evaluator, understanding the goal of the assessment and selecting fundamental DSL quality characteristics to guide the evaluator in the process. This framework adapts and integrat...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
A. Isazadeh, I. Elgedawy, J. Karimpour, and H. Izadkhah, “An Analytical Security Model for Existing Software Systems,”
APPLIED MATHEMATICS & INFORMATION SCIENCES
, pp. 691–702, 2014, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/67692.
