Validating Security Design Pattern Applications by Testing Design Models

2014, Vol 5 (4), pp. 1-30
Author(s): Takanori Kobashi, Nobukazu Yoshioka, Haruhiko Kaiya, Hironori Washizaki, Takao Okubo, ...

Because software developers are not necessarily security experts, confirming potential threats and vulnerabilities at an early stage of the development process (e.g., in the requirement and design phases) is insufficient. Additionally, even if designed software considers security at an early stage, whether the software really satisfies the security requirements must be confirmed. To realize secure design, this work proposes an application to validate security patterns using model testing. Its method provides extended security patterns, which include requirement- and design-level patterns as well as a new model testing process using these patterns. After a developer specifies threats and vulnerabilities in the target system during an early stage of development, this method can validate whether the security patterns are properly applied and assess if these vulnerabilities are resolved.

Author(s): Takanori Kobashi, Hironori Washizaki, Nobukazu Yoshioka, Haruhiko Kaiya, Takao Okubo, ...

Simply confirming potential threats and vulnerabilities in an early stage of the development process (e.g., the requirement or design phase) is insufficient because software developers are not necessarily security experts. Additionally, even if the software design considers security at an early stage, whether the software actually satisfies the security requirements must be confirmed. To realize secure design, the authors propose an application to design software systems with verification of security patterns using model testing. The method provides extended security patterns, which include requirement- and design-level patterns as well as a new designing and model testing process that uses these patterns. Once developers specify threats and vulnerabilities in the target system in an early stage of development, the method can verify whether the security patterns are properly applied and assess if the vulnerabilities are resolved.


2015, Vol 77 (33)
Author(s): Noorrezam Yusop, Massila Kamalrudin, Safiah Sidek

Security requirements are important for increasing the confidence of mobile users in performing many online transactions, such as banking, booking and payment via mobile devices. Objective: This study aims to identify the attributes of security requirements for mobile applications (mobile apps) and the existing tools, techniques and approaches used in security requirements. The gaps and limitations of each approach are also discussed. Method: We conducted a systematic literature review to identify and analyse the related literature on validation of security requirements for mobile apps. We identified 68 studies that provide relevant information on security requirements for mobile apps. Result: There were two main findings: (1) the attributes of security requirements that are relevant for mobile apps are authentication, confidentiality, authorization, access control and integrity; (2) mobile security testing methods for validating security requirements of mobile apps were also identified. Finally, the gaps and limitations of each approach in relation to mobile apps were also discussed. Conclusions: The main challenge of security requirements is to identify the most appropriate security attributes and security testing technique to validate security requirements for mobile apps. As such, requirements engineers should consider the challenges posed by security requirements, such as testing, when validating and developing security requirements for mobile apps. Further, correct security requirements for the security attributes need to be considered at the early stage of mobile app development.


2020, Vol 4 (4), pp. 122
Author(s): Pu Dai

With the development of China’s enterprises, many enterprises are gradually going abroad to participate in international competition. However, some research and statistical results show that only 30% of newly established start-ups can survive, and most of them fall into an unsustainable situation at the early stage of development. Based on this, this article studies the management strategy and innovation of enterprises in different stages of development, in order to provide a useful reference for the development of enterprises in different stages. This article first analyses the characteristics of the different stages of the enterprise development process, and then gives corresponding management strategies and innovation methods for each stage.


In recent years, because of the widespread use of the internet and other communication media, security incidents have broken through all barriers. Systems are attacked by malicious attackers and subjected to various cyber crimes. Every system should be built with security as a main priority so as to make it reliable and safe, and it should also be enhanced with other quality parameters. Hence, from the beginning, at every phase of software development through to implementation, the security aspect needs to be taken into consideration before making the final design decision, to avoid the expense that may be incurred in recovering the system after damage. To attain this, security must be integrated at each phase of software development. Software developers insist on incorporating software safeguards at the design phase, which may end up identifying security-related architecture restrictions that may not in fact be necessary. To reduce this problem, this paper proposes a structure for security development activities. These activities consist of security requirements identification and threat analysis, which are to be converted into design decisions to lessen the risks to identified important assets. The recognized design parameters are then manually prioritized using VOSREP and CRAMM, and a security design pattern is developed accordingly to incorporate security in the software. Manually calculating asset values and prioritizing them helps to identify the security requirements at the early stage of the software development life cycle. Decisions for developing the security design pattern are then taken accordingly for building the software system.


Author(s): Menghan TAO, Ning XIAO, Xingfu ZHAO, Wenbin LIU

New energy vehicles (NEVs), as a new thing for sustainable development in China, on the one hand face rapid expansion of the market; on the other hand, for new NEV users, current NEVs cannot keep up with the degree of innovation. This paper demonstrates the reasons for the existence of this systematic challenge and puts forward a method of UX research for the early stage of development that differs from traditional petrol vehicle research and studies users at the level of their essential needs, in order to form innovative product programs that meet the needs of users and are truly attractive.


2021, Vol 22 (1)
Author(s): Danielle M. Nash, Zohra Bhimani, Jennifer Rayner, Merrick Zwarenstein

Background: Learning health systems have been gaining traction over the past decade. The purpose of this study was to understand the spread of learning health systems in primary care, including where they have been implemented, how they are operating, and potential challenges and solutions. Methods: We completed a scoping review by systematically searching OVID Medline®, Embase®, IEEE Xplore®, and reviewing specific journals from 2007 to 2020. We also completed a Google search to identify gray literature. Results: We reviewed 1924 articles through our database search and 51 articles from other sources, from which we identified 21 unique learning health systems based on 62 data sources. Only one of these learning health systems was implemented exclusively in a primary care setting, where all others were integrated health systems or networks that also included other care settings. Eighteen of the 21 were in the United States. Examples of how these learning health systems were being used included real-time clinical surveillance, quality improvement initiatives, pragmatic trials at the point of care, and decision support. Many challenges and potential solutions were identified regarding data, sustainability, promoting a learning culture, prioritization processes, involvement of community, and balancing quality improvement versus research. Conclusions: We identified 21 learning health systems, which all appear at an early stage of development, and only one was primary care only. We summarized and provided examples of integrated health systems and data networks that can be considered early models in the growing global movement to advance learning health systems in primary care.

