International audienceSecurity at the design stage of the software life cycle can be performed by means of security patterns, which are viable and reusable solutions to regular security problems. Their generic nature and growing number make their choice difficult though, even for experts in system design. To guide them through the appropriate choice of patterns, we present a methodology of security pattern classification and the classification itself, which exposes relationships among CAPEC attacks, CWE weaknesses and security patterns. Given a CAPEC attack, the classification expresses the security pattern combinations that overcome the attack. The methodology, which generates the classification is composed of five steps, which decompose p...
International audienceAttack trees are widely used in the fields of defense for the analysis of risk...
Attack trees provide a formal, methodical way of describing the security of systems, based on varyin...
One thing software developers must keep in mind when they are developing a project is the different ...
International audienceSecurity at the design stage of the software life cycle can be performed by me...
International audienceDesign Patterns are now widely accepted and used in software engineering ; the...
Revised paper from the third International Conference, ICISSP 2017, Porto, Portugal, February 19-21,...
International audienceSecurity patterns are reusable solutions, which enable the design of maintaina...
International audienceSecurity patterns are generic solutions that can be applied since early stages...
International audienceThis paper tackles the problems of generating concrete test cases for testing ...
We initiated an international collaboration between our security groups a few years ago, centered on...
International audience—We propose an approach for helping developers devise more secure applications...
International audienceThis paper tackles the problems of choosing security solutions and writing con...
We propose the characteristics of a software tool that leverages specifying attack pattern details i...
The software engineering community recognized the importance of addressing security requirements wit...
The different types of cyber-attacks on information and telecommunications systems are becoming incr...
International audienceAttack trees are widely used in the fields of defense for the analysis of risk...
Attack trees provide a formal, methodical way of describing the security of systems, based on varyin...
One thing software developers must keep in mind when they are developing a project is the different ...
International audienceSecurity at the design stage of the software life cycle can be performed by me...
International audienceDesign Patterns are now widely accepted and used in software engineering ; the...
Revised paper from the third International Conference, ICISSP 2017, Porto, Portugal, February 19-21,...
International audienceSecurity patterns are reusable solutions, which enable the design of maintaina...
International audienceSecurity patterns are generic solutions that can be applied since early stages...
International audienceThis paper tackles the problems of generating concrete test cases for testing ...
We initiated an international collaboration between our security groups a few years ago, centered on...
International audience—We propose an approach for helping developers devise more secure applications...
International audienceThis paper tackles the problems of choosing security solutions and writing con...
We propose the characteristics of a software tool that leverages specifying attack pattern details i...
The software engineering community recognized the importance of addressing security requirements wit...
The different types of cyber-attacks on information and telecommunications systems are becoming incr...
International audienceAttack trees are widely used in the fields of defense for the analysis of risk...
Attack trees provide a formal, methodical way of describing the security of systems, based on varyin...
One thing software developers must keep in mind when they are developing a project is the different ...