Finding Security Patterns to Countermeasure Software Vulnerabilities
Software security is an increasingly important part of software development, as the risk from attackers is constantly evolving through increased exposure, threats and the economic impact of security breaches. Emerging security literature describes expert knowledge such as secure development best practices. This knowledge is often not applied by software developers because they lack security awareness, security training, and secure development methods and tools. Existing methods and tools require too much effort, and security is often given lower priority in the trade-off between functionality and security. This thesis defines a tool-supported approach to secure software analysis and design. Possible vulnerabilities and their causes are identified through analysis of software specifications and designs, resulting in vulnerability cause graphs. The security modelling tool SeaMonster is extended to include security activity graphs; this technique is used together with vulnerability cause graphs to model vulnerabilities and security improvement activities. A security activity graph is created to identify activities that keep the vulnerabilities from instantiating in the final software product. The activities in the security activity graph can be the use of security patterns. In this way the approach finds a security pattern as a countermeasure to a vulnerability, and it can be used with the security pattern design templates implemented in a preliminary project. This provides a coupling between security expertise and software developers, so that security knowledge is applied in software development practice. The approach and tools are tested and demonstrated through a development case study of a medical patient journal system.
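The analysis step described above, as an added example that is not code from the thesis or from SeaMonster: a vulnerability cause graph is modelled as causes combined with AND/OR nodes, the security activity graph is reduced to a map from each activity (for instance applying a security pattern) to the causes it removes, and the example enumerates the smallest activity sets that keep the vulnerability from instantiating. The graph semantics, the cause and activity names, and the patient-record vulnerability are assumptions constructed for this illustration, not the thesis's case study material.

```python
# Added illustration of the VCG -> SAG analysis step described in the abstract.
# Assumed semantics: a vulnerability instantiates if its cause graph evaluates to
# true over the causes still present; performing an activity removes the causes
# it targets. Example data is constructed, not taken from the thesis.
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Cause:
    """Leaf of the VCG: a condition in the design that contributes to the vulnerability."""
    name: str


@dataclass(frozen=True)
class Node:
    """Internal VCG node: 'and' requires every child, 'or' is satisfied by any child."""
    op: str
    children: tuple


def instantiates(node, present):
    """True if the vulnerability can still instantiate given the set of causes present."""
    if isinstance(node, Cause):
        return node.name in present
    results = [instantiates(child, present) for child in node.children]
    return all(results) if node.op == "and" else any(results)


def remaining_causes(all_causes, activities, chosen):
    """Causes left after performing the chosen activities (each removes the causes it targets)."""
    removed = set().union(*(activities[a] for a in chosen))
    return set(all_causes) - removed


def blocks(vcg, all_causes, activities, chosen):
    """True if the chosen activities keep the vulnerability from instantiating."""
    return not instantiates(vcg, remaining_causes(all_causes, activities, chosen))


def minimal_activity_sets(vcg, all_causes, activities):
    """All smallest sets of activities that block the vulnerability (a minimal cut of the VCG)."""
    names = sorted(activities)
    for size in range(len(names) + 1):
        found = [set(combo) for combo in combinations(names, size)
                 if blocks(vcg, all_causes, activities, set(combo))]
        if found:
            return found
    return []


# Constructed example (assumption, not from the thesis): a patient record is exposed if
# there is no access check AND record ids are guessable, OR if the session token is
# carried in the URL.
EXAMPLE_CAUSES = {"no_access_check", "guessable_record_id", "session_token_in_url"}
EXAMPLE_VCG = Node("or", (
    Node("and", (Cause("no_access_check"), Cause("guessable_record_id"))),
    Cause("session_token_in_url"),
))
# Constructed SAG: activity (here, applying a security pattern or a design rule)
# mapped to the causes it removes.
EXAMPLE_ACTIVITIES = {
    "apply authorization pattern": {"no_access_check"},
    "use unguessable record ids": {"guessable_record_id"},
    "carry session token in a cookie, not the URL": {"session_token_in_url"},
}


if __name__ == "__main__":
    for chosen in minimal_activity_sets(EXAMPLE_VCG, EXAMPLE_CAUSES, EXAMPLE_ACTIVITIES):
        print("blocking activity set:", sorted(chosen))
```

The point a practitioner should take from this: an activity that removes a cause under an OR node is not sufficient on its own, and an AND branch can be cut at either of its causes, so a single vulnerability may admit several equally small countermeasure sets; the security activity graph is what makes that choice explicit so a security pattern can be selected for each branch.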
The main contributions of this thesis are an approach to secure software analysis and design, an extension of the security modelling tool SeaMonster, and a case study of the approach and tools that shows how security can be incorporated in the early stages of software development. The contributions are intended to improve the availability of security knowledge, to increase security awareness, and to bridge the gap between security experts and software developers.