Security Modeling with Palladio—Different Approaches
Vorschaubild nicht verfügbar
ISSN der Zeitschrift
Geselllschaft für Informatik e.V.
Security is never perfect, security deals with a lot of uncertainty, and security is complex. Nevertheless, security is one of the non-functional properties, that we, as software architects, have to consider. It is needed to include security in many trade-off decisions (usability, performance, costs, etc. versus security), to compare the security of different architectures, and to check whether legal constraints are meet. Thus it is demanded to include security modeling to approaches like Palladio. In this paper, we describe two approaches to model and analyze security using Palladio. The first approach is an external one and requires to adapt Palladio. The second approach is proposed by us and does not need to modify Palladio. Furthermore, we explain why we needed to develop a new approach based on a use case and its demanded pragmatism for the model.