A Methodology to Automate the Security Patterns Selection

  • Conference paper
Security, Privacy, and Anonymity in Computation, Communication, and Storage (SpaCCS 2020)

Abstract

Security has become an important issue for software systems. The number of threats grows day by day, making them more challenging to cope with. During the software development life cycle (especially for security-oriented applications), it is difficult for novice users to adopt security measures correctly. Many security patterns are available, but the question is how to choose the right pattern from a given set. For this reason, we propose a three-step methodology that helps automate the security pattern selection process. The methodology leverages the capabilities of fuzzy c-means and a text categorization approach. We used a sample of security patterns along with a set of 3 security problems to assess the efficacy of the proposed methodology. The experimental results are promising in terms of the organization and selection of security design patterns for the design problems at hand.

Corresponding author

Correspondence to Shahid Hussain.

Copyright information

© 2021 Springer Nature Switzerland AG

Cite this paper

Zahra, K., Hussain, S., Afzal, H., Mufti, M.R., Khan, D.M., Sohail, M.K. (2021). A Methodology to Automate the Security Patterns Selection. In: Wang, G., Chen, B., Li, W., Di Pietro, R., Yan, X., Han, H. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2020. Lecture Notes in Computer Science, vol 12382. Springer, Cham. https://doi.org/10.1007/978-3-030-68851-6_30

  • DOI: https://doi.org/10.1007/978-3-030-68851-6_30

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68850-9

  • Online ISBN: 978-3-030-68851-6

  • eBook Packages: Computer Science (R0)
