This event has ended. Visit the official site or create your own event on Sched.
  • Registration is open every day from 7:30 a.m. until the close of the day’s sessions. 
  • 30-minute refreshment breaks are at 10:00 a.m. and 2:30 p.m. daily (Wednesday afternoon break is at 2:00 p.m.). 
  • Lunch is 12:00-1:00 p.m. daily in the Catalina Ballroom (Monday lunch is in the Shutters Hospitality Suite)
Back To Schedule
Thursday, May 5 • 8:30am - 10:00am
Security Design Refinement Through Mapping Tactics to Patterns

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tactics are a set of generic design primitives that underlie software architecture design. Security tactics are a principled starting point in designing a secure software architecture. Because they are primitives, security tactics are inherently abstract. It is up to individual software architects, on their own, to refine these tactics to more specific design decisions. For this reason, they need guidance to facilitate and regularize this refinement process.

One form of this guidance is to provide explicit mappings between tactics and security patterns, which are refinements of security tactics: less abstract and closer to code. Identifying concrete relationships between tactics and patterns will save architects (who are not, in general, security experts) the trouble of drawing such links themselves. Such predefined mappings may also prevent architects from making incorrect refinements from tactics to patterns, and from there into code.

This participatory session will begin by introducing and familiarizing participants with the concepts of software security, security tactics, and security patterns. Then we will proceed to a group activity. The purposes of this hands-on exercise include

  • empowering participants to customize their own security tactics hierarchy and security pattern collection
  • teaching participants the mechanics of the tactics-refinement process so that they can conduct their own refinement process in the future

Get the slides.

Watch the video.

avatar for Rick Kazman

Rick Kazman

University of Hawaii and Carnegie Mellon Software Engineering Institute
Rick Kazman is a Professor at the University of Hawaii and a Research Scientist at the Software Engineering Institute. His primary research interests are software architecture, design and analysis tools, software visualization, and software engineering economics. He is the author... Read More →
avatar for Jungwoo Ryoo

Jungwoo Ryoo

Pennsylvania State University
Jungwoo Ryoo is an Associate Professor in the Information Sciences and Technology (IST) Department at Pennsylvania State University–Altoona. Ryoo is also a graduate and affiliated faculty member of the College of IST at Penn State. He is a technical editor for IEEE Communications... Read More →

Thursday May 5, 2016 8:30am - 10:00am PDT
Fairbanks B