Next Article in Journal
User in the Loop: Adaptive Smart Homes Exploiting User Feedback—State of the Art and Future Directions
Next Article in Special Issue
A Framework for Measuring Security as a System Property in Cyberphysical Systems
Previous Article in Journal
Speech Compression
Previous Article in Special Issue
Computer-Aided Identification and Validation of Privacy Requirements
Open AccessArticle

Implementation Support of Security Design Patterns Using Test Templates

1
Global Software Engineering Laboratory, Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan
2
Information Security Division, Institute of Information Security, 2-14-1 Tsuruyacho, Kanagawa-ku, Yokohama, Kanagawa 221-0835, Japan
3
Department of Information Sciences, Kanagawa University, 2946 Tsuchiya, Hiratsuka-shi, Kanagawa 259-1293, Japan
4
GRACE Center, National Institute of informatics, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo 101-8430, Japan
*
Author to whom correspondence should be addressed.
This paper is an extended version of Verification of Implementing Security Design Patterns Using a Test Template, Proceedings of the 9th International Conference on Availability, Reliability and Security (ARES2014), Fribourg, Switzerland, 8–12 September 2014.
Academic Editor: Eduardo B. Fernandez
Information 2016, 7(2), 34; https://doi.org/10.3390/info7020034
Received: 15 February 2016 / Revised: 15 May 2016 / Accepted: 2 June 2016 / Published: 15 June 2016
(This article belongs to the Special Issue Evaluating the Security of Complex Systems)
Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation. View Full-Text
Keywords: security patterns; model-based testing; test-driven development; aspect-oriented programming security patterns; model-based testing; test-driven development; aspect-oriented programming
Show Figures

Figure 1

MDPI and ACS Style

Yoshizawa, M.; Washizaki, H.; Fukazawa, Y.; Okubo, T.; Kaiya, H.; Yoshioka, N. Implementation Support of Security Design Patterns Using Test Templates. Information 2016, 7, 34.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop