Next Article in Journal
User in the Loop: Adaptive Smart Homes Exploiting User Feedback—State of the Art and Future Directions
Next Article in Special Issue
A Framework for Measuring Security as a System Property in Cyberphysical Systems
Previous Article in Journal
Speech Compression
Previous Article in Special Issue
Computer-Aided Identification and Validation of Privacy Requirements
Article Menu

Export Article

Open AccessArticle
Information 2016, 7(2), 34; doi:10.3390/info7020034

Implementation Support of Security Design Patterns Using Test Templates

1
Global Software Engineering Laboratory, Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan
2
Information Security Division, Institute of Information Security, 2-14-1 Tsuruyacho, Kanagawa-ku, Yokohama, Kanagawa 221-0835, Japan
3
Department of Information Sciences, Kanagawa University, 2946 Tsuchiya, Hiratsuka-shi, Kanagawa 259-1293, Japan
4
GRACE Center, National Institute of informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan
This paper is an extended version of Verification of Implementing Security Design Patterns Using a Test Template, Proceedings of the 9th International Conference on Availability, Reliability and Security (ARES2014), Fribourg, Switzerland, 8–12 September 2014.
*
Author to whom correspondence should be addressed.
Academic Editor: Eduardo B. Fernandez
Received: 15 February 2016 / Revised: 15 May 2016 / Accepted: 2 June 2016 / Published: 15 June 2016
(This article belongs to the Special Issue Evaluating the Security of Complex Systems)

Abstract

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation. View Full-Text
Keywords: security patterns; model-based testing; test-driven development; aspect-oriented programming security patterns; model-based testing; test-driven development; aspect-oriented programming
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).

Scifeed alert for new publications

Never miss any articles matching your research from any publisher
  • Get alerts for new papers matching your research
  • Find out the new papers from selected authors
  • Updated daily for 49'000+ journals and 6000+ publishers
  • Define your Scifeed now

SciFeed Share & Cite This Article

MDPI and ACS Style

Yoshizawa, M.; Washizaki, H.; Fukazawa, Y.; Okubo, T.; Kaiya, H.; Yoshioka, N. Implementation Support of Security Design Patterns Using Test Templates. Information 2016, 7, 34.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Information EISSN 2078-2489 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top