Description

Security is one of the most crucial quality attributes in modern software systems. To promote security by design, as part of the SCAM research project a recommender system is under development to assist in the secure design of software systems. This system focuses on providing recommendations for implementing patterns of authentication and authorization within architectural designs. To enhance its effectiveness, the system requires a comprehensive list of available methods for user authentication and authorization, along with a robust classification of these methods to enable informed decision-making.

This thesis aims to address this need by developing a non-exhaustive list of existing authentication and authorization methods and categorizing them based on a well-defined taxonomy. The results will support the recommender system in delivering precise and contextually relevant recommendations for secure system design.

Expected Contributions:

• Comprehensive Overview: A detailed list of current authentication and authorization methods, serving as a foundational resource for research and practice in secure software design.
• Taxonomy Framework: A methodologically sound taxonomy for classifying authentication and authorization methods, tailored to the needs of secure system design.

This thesis is available as a bachelor thesis only.