Title: A quantitative and knowledge-based approach to choosing security architectural tactics
Authors: Suntae Kim
Addresses: Department of Software Engineering, Chonbuk National University, 567 Baekje-daero, Deokjin-gu, Jeonju-si, Jeollabuk-do, 561-756, Republic of Korea
Abstract: This paper presents a quantitative approach to choosing security architectural tactics using an architectural tactic knowledge base. An architectural tactic is an architectural design building block pertaining to a software quality. The tactic knowledge base is a tactic repository composed of architectural tactic specifications defined in the role-based metamodelling language (RBML) and their relationships expressed in a feature model. In this paper, the cost of an architectural tactic is estimated using the use case points method, and the level of a tactic's contribution to non-functional requirements (NFRs) is predicted by the analytic hierarchy process (AHP) and sensitivity analysis. The proposed approach then suggests the best possible fit that is likely to satisfy the NFRs. We applied the approach to choosing security architectural tactics for building the software architecture of an online trading system.
Keywords: security architectural tactics; secure software architecture; quantitative tactic selection; architectural tactic knowledge base; software quality; metamodelling; RBML; feature modelling; non-functional requirements; NFRs; analytical hierarchy process; AHP; sensitivity analysis; online trading systems.
DOI: 10.1504/IJAHUC.2015.067780
International Journal of Ad Hoc and Ubiquitous Computing, 2015 Vol.18 No.1/2, pp.45 - 53
Received: 14 Sep 2013
Accepted: 05 Mar 2014
Published online: 05 Mar 2015