To the top

Page Manager: Webmaster
Last update: 9/11/2012 3:13 PM

Tell a friend about this page
Print version

A lingua franca for secur… - University of Gothenburg, Sweden Till startsida
Sitemap
To content Read more about how we use cookies on gu.se

A lingua franca for security by design

Conference paper
Authors Alexander Van Den Berghe
Koen Yskout
Riccardo Scandariato
Wouter Joosen
Published in 2018 IEEE Cybersecurity Development Conference, SecDev 2018
Publication year 2018
Published at Department of Computer Science and Engineering (GU)
Language en
Keywords Evaluation, Modelling language, Security by design, User study
Subject categories Computer and Information Science

Abstract

© 2018 IEEE. The principle of security by design is advocated by academia as well as industry. Unfortunately, its adoption in practice is not yet widespread. We believe a reason for this is the lack of a 'lingua franca' for security modelling. Such a language should support security specialists to precisely describe the security aspects in a software design, as well as simultaneously serve to communicate with a broader audience of stakeholders. For this paper, we have assessed how well a formally backed security modelling language we previously proposed, suits the needs of the needs of these two groups. Concretely, we report on a large user study investigating how well security novices are able to comprehend the foundations of our language. Furthermore, to assess our language's practicality, we show how it can be used to create a realistic model of authentication. We have found that our language's foundations are comprehensible to a broader audience and they allow to precisely model a design's security aspects, albeit some shortcomings requiring attention have been identified. Based on these findings, we believe that a precise yet comprehensible security by design lingua franca is within reach.

Page Manager: Webmaster|Last update: 9/11/2012
Share:

The University of Gothenburg uses cookies to provide you with the best possible user experience. By continuing on this website, you approve of our use of cookies.  What are cookies?