Eliciting Security Requirements Method Based on Safety Knowledge Base

Cited by: 0
Authors
Yu, Xiaofei [1]
Li, Xiaohong [1]
Mang, Qianqian [1]
Affiliation
[1] Tianjin Univ, Sch Comp Sci & Technol, Tianjin 300072, Peoples R China
Keywords
Security Requirements; Asset; Threat; Security Functional Component; Common Criteria;
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
With the development of software technology, software security is receiving more and more attention. Security requirement is a key stage in the process of software development. In the present research, we propose a method to elicit security requirements that is developed based on a safety knowledge base. In the method, we perform analysis based on the asset, threat and Common Criteria security function components. Then, we summarize the relationship of the three. Based on this, we establish a safety knowledge base. Starting from the functional requirements of the application system, the system assets will be analyzed and matched automatically based on the established safety knowledge base, and finally we elicit the security requirements. The approach is very effective for the purpose of security requirement analysis, and elicits security requirements easily and efficiently. It will be very helpful for security software development.
Pages: 109 - 121
Number of pages: 13