Por favor, use este identificador para citar o enlazar este ítem: 
                
    
    https://repositorio.ufpe.br/handle/123456789/26968
                Comparte esta pagina
| Título : | Assessing security in software product lines; a maintenance analysis | 
| Autor : | SILVEIRA NETO, Paulo Anselmo da Mota | 
| Palabras clave : | Engenharia de software; Segurança de software | 
| Fecha de publicación : | 2-jun-2017 | 
| Editorial : | Universidade Federal de Pernambuco | 
| Resumen : | Different terms such as "the real-time enterprise", "software infrastructures", "service oriented architectures" and "composite software applications" have gained importance in industry. It brings us the need of information systems that support cross-application integration, cross-company transactions and end-user access through a range of channels, including the Internet. In this context, Software Product Line (SPL) Engineering has gained importance by product oriented companies, as a strategy to cope with the increasing demand of large-scale product customization, providing an effective and efficient ways of improving productivity, software quality, and time-to-market. These benefits combined with the need of most applications interact with other applications, and the internet access makes critical assets vulnerable to many threats. For most of the product oriented companies, security requirements are likely to be as varied as for any other quality. Thus, it is important to supply variants of the same product to satisfy different needs. Owing to its variability management capabilities, software product line architectures can satisfy these requirements if carefully designed the resulting system has a better chance of meeting its expectations. All these requirements should be achieved at early design phases. Otherwise the cost to design a secure architecture will increase, which could worsen in SPL context, due to its complexity. In this context, this thesis evaluates different techniques to implement security tactics for the purpose of assessing conditional compilation and aspect-oriented programming as variability mechanisms concerning maintainability by accessing code size, separation of concerns, coupling and cohesion from software architects in the context of Software Product Lines projects. Hence, to better support SPL architects during design decisions, a family of experiments using three different testbeds was performed to analyze different security techniques regarding to maintainability. We have found that for most of the techniques conditional compilation had a smaller amount of lines of code when compared with Aspect Oriented Programming. The separation of concerns attribute had the low impact on maintainability when implemented with aspect-oriented programming. The analysis also showed that detect attack techniques are less costly than resist attack techniques. The results are useful for both researchers and practitioners. On the one hand, researchers can identify useful research directions and get guidance on how the security techniques impact on maintainability. On the other hand, practitioners can benefit from this thesis by identifying the less costly variability implementation mechanism, as well as, learning concrete techniques to implement security tactics at the code level. | 
| URI : | https://repositorio.ufpe.br/handle/123456789/26968 | 
| Aparece en las colecciones: | Teses de Doutorado - Ciência da Computação | 
Ficheros en este ítem: 
| Fichero | Descripción | Tamaño | Formato | |
|---|---|---|---|---|
| TESE Paulo Anselmo da Mota Silveira Neto.pdf | 3,66 MB | Adobe PDF |  Visualizar/Abrir | 
| Este ítem está protegido por copyright original | 
Este ítem está sujeto a una licencia Creative Commons  Licencia Creative Commons 
     
    
