By increasing the use of distributed systems and increasing software attacks, software security is considered very important and treated as an active research area. Security is usually taken into account after design and implementation of the system, whereas like other quality attributes, it must be considered from the beginning of the process of building software, such as architectural design. Considering 1) the long-term effects of design stage decisions on final software product, 2) one of the important design decisions, is selection of suitable software architecture style, and 3) the quantitative impact of software architecture style on quality attributes, especially security, has not been investigated, the aim of this research is quantification of the impact of architectural styles on security quality attribute. This study aims at evaluating the software architectural styles from the viewpoint of the security quality attribute based on scenario-based evaluation method. In this study, by presenting security scenarios, the architectural styles are evaluated from the perspective of security. Then architectural styles are ranked based on the results of the evaluation and importance of scenarios using Analytical Hierarchy Process, in terms of supporting software security. The most important contribution of this paper is to propose an approach to select the software architecture style in which security attribute plays a major role.

Security; Scenario-based Evaluation; Software Architecture Styles

[1] P. T. Devanabu and S. Stubblebine, Software engineering for security: a roadmap”, in ICSE ’00: Proceedings of the Conference on the Future of Software Engineering. ACM, 2000, pp. 227–239.
[2] J. Juerjens, Secure Systems Development with UML, Springer, 2005.
[3] D.G. Rosado, E. Fernández-Medina, and M. Piattini, Comparison of Security Patterns, International Journal of Computer Science and Network Security, Vol. 6. Issue 2B. pp. 139-146, 2006.
[4] Len. Bass, Paul. Clements P, Rick. Kazman, 2003, “Software Architecture in Practice”, Addison-Wesley Professional Publisher ,Second Edition, 2003, Addison-Wesley, ISBN: 0321154959
[5] Len. Bass, Paul. Clements, and Rick. Kazman, “Software Architecture in Practice”, Pearson Education Publisher, Third Edition, 2013, ISBN: 9332502307
[6] F.Losavio, et al, ISO Quality Standards for Measuring Architectures, The Journal of System and Software 72, Page No. 209-223, Elsevier, 2004.
[7] M. AlSharif, et al, "ding the Complexity of Software Architecture", ACM Southeast Regional Conference, Proc. of the 42nd annual southeast regional conference, Huntsville, Alabama, 2004.
[8] S. Jingqiu and H. Behrouz, “Development of an Intelligent System for Architecture Design and Analysis”, Canadian Electrical and Computer Engineering, Conference, pp. 539- 542, 2004.
[9] H. Koh, S. Kung, and J.Park, “The Method to Choose Architectural Approaches in the Software Architecture Design Phase”, ICITA (1), pp. 103-106, 2005.
[10] H. Reza, D. Jurgens, J. White, J. Anderson, and J. Peterson, “An architectural design selection tool based on design tactics, scenarios and nonfunctional requirements”, Electro Information Technology, 2005 IEEE Int. Conf. , pp: , 2005.
[11] G. Zayaraz, and P. Thambidurai, “Software Architecture Selection Framework Based on Quality Attributes”, Annual IEEE INDICON, pp. 167– 170, December 11-13, 2005, ISBN:0-7803-9503-4
[12] N.B. Harrison and P. Avgerinos, “Leveraging Architecture Patterns to Satisfy Quality Attributes”, 1th European Conf. on Software Architecture Springer, pp (263-270), ECSA 2007 Madrid, Spain, September 24-26,
[13] P. Avgeriou, U. Zdun, “Architectural patterns revisited: a pattern language”, Proc. of 10th European Conf. on Pattern Languages of Programs, pp.1-39, 2005 , Butterworth-Heinemann,
[14] G.R.Shahmohammadi, “Reliability Evaluation of Software Architecture Styles”, 5-th International Conference on Parallel, Distributed Computing Technologies and Applications (PDCTA-2016), pp. 117-129, January 2th-3th,,2016, ISBN: 978-1-921987-45-8.
[15] G.R.Shahmohammadi, 2014, “Evaluation of the Software Architecture Styles from Maintainability Viewpoint”, International Conference on Foundations of Computer Science & Technology, Zurich, Switzerland, pp. 183-197, January 2th-4th , 2014.
[16] F. Buschmann, R. Meunier, H. Rohnert, P. Sommerlad, M. Stal, “Pattern-Oriented Software Architecture: A System of Patterns”, Vol. 1, Wiley, 1996, ISBN: 978-0-471-95869-7.
[17] M. Shaw, D. Garlan, 1996, “Software Architecture: Perspectives Discipline on an Emerging”, Prentice Hall.
[18] K. Jiwnani and M. Zelkowitz, 2002, “Maintaining Software with a Security Perspective”, Proc. of the International Conference on Software Maintenance, pp. 194 – 203, ISBN: 0-7695-1819-2
[19] Gholamreza. Shahmohammadi, and Saeed. Jalili, “Scenario-Based Quantitative Evaluation of Software Architecture Style from Maintainability Viewpoint”, 14st Annual of CSI Computer Conference (CSICC 2009), Iran, Amirkabir University, 2009.