Security Requirements Engineering: A Framework for Representation and Analysis.

0
Security Requirements Engineering: A Framework for Representation and Analysis
Abstract:
This paper presents a framework for security requirements elicitation and analysis. The framework is based on constructing a context for the system, representing security requirements as constraints, and developing satisfaction arguments for the security requirements. The system context is described using a problem-oriented notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument consists of two parts: a formal argument that the system can meet its security requirements and a structured informal argument supporting the assumptions expressed in the formal argument. The construction of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context or that the context does not contain sufficient information to develop the argument. In this case, designers and architects are asked to provide additional design information to resolve the problems. We evaluate the framework by applying it to a security requirements analysis within an air traffic control technology evaluation project.
Existing System:
  • The construction of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context or that the context does not contain sufficient information to develop the argument
  • In this case, designers and architects are asked to provide additional design information to resolve the problems
Proposed System:
     We propose three contributions to assist with developing security requirements that satisfy these criteria
  • The first is a practical definition of security requirements, with yes/no satisfaction criteria within a system context. 
  • The second is an explicit role for assumptions, concentrating on their place in security requirements satisfaction arguments. 
  • The third is the use of formal and informal structured arguments to validate that a   system can satisfy its security requirements.
System Requirement:
Hardware:
PROCESSOR          :       PENTIUM IV 2.6 GHz
RAM                      :      512 MB DD RAM
MONITOR              :      15” COLOR
HARD DISK           :       20 GB

Software:
FRONT END          :      JAVA SWINGS.
TOOLS USED         :      JFRAMEBUILDER

Click Here to Download this Project

About the author

Donec non enim in turpis pulvinar facilisis. Ut felis. Praesent dapibus, neque id cursus faucibus. Aenean fermentum, eget tincidunt.

0 comments:

Recent Posts