Architecture Security Evaluation Method Based on Security of the Components

Architecture Security Evaluation Method Based on Security of the Components

This paper presents a quantitative architecture security evaluation method to identify potential risks of an architecture. The method is based on security of the architecture components. In this method, components of the architecture are classified and their security measures are identified accordin...

Full description

Saved in:
Bibliographic Details
Published in:2013 20th Asia-Pacific Software Engineering Conference (APSEC) Vol. 1; pp. 523 - 528
Main Authors: Changxiao Du, Xiaohong Li, Hong Shi, Jing Hu, Ruitao Feng, Zhiyong Feng
Format: Conference Proceeding
Language:English
Published: IEEE 01-12-2013
Subjects:
Access control
AHP
architecture
Authentication
Business
component
Computer architecture
Encryption
Fuzzy evaluation analysis
security evaluation
Vectors
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper presents a quantitative architecture security evaluation method to identify potential risks of an architecture. The method is based on security of the architecture components. In this method, components of the architecture are classified and their security measures are identified according to component function and architecture level. Then, an integration process applies analytic hierarchy process (AHP) and fuzzy evaluation analysis to determine quantitative and qualitative factors in evaluating the security of components. These factors are used to obtain security conclusions of the architecture. The experiment shows that the method not only improves efficiency of the evaluation, but also makes security evaluation process more objective and accurate.
ISSN:1530-1362
2640-0715
DOI:10.1109/APSEC.2013.75