Security Requirement Modeling Support System using Software Security Knowledge Base

被引:3
|
作者
Hazeyama, Atsuo [1 ]
Tanaka, Shun'chi [2 ]
Tanaka, Takafumi [3 ]
Hashiura, Hiroaki [4 ]
Munetoh, Seiji [5 ]
Okubo, Takao [6 ]
Kaiya, Haruhiko [7 ]
Washizaki, Hironori [8 ]
Yoshioka, Nobukazu [9 ]
机构
[1] Tokyo Gakugei Univ, Dept Informat Sci, Tokyo, Japan
[2] Tokyo Gakugei Univ, Dept Informat Educ, Tokyo, Japan
[3] Tokyo Univ Agr & Technol, Grad Sch Engn, Tokyo, Japan
[4] Nippon Inst Technol, Fac Engn, Saitama, Japan
[5] IBM Japan Ltd, Fujisawa, Kanagawa, Japan
[6] Inst Informat Secur, Grad Sch Informat Secur, Yokohama, Kanagawa, Japan
[7] Kanagawa Univ, Dept Informat Sci, Yokohama, Kanagawa, Japan
[8] Waseda Univ, Dept Comp Sci & Engn, Tokyo, Japan
[9] Natl Inst Informat, Informat Syst Architecture Sci Res Div, Tokyo, Japan
来源
2018 IEEE 42ND ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE (COMPSAC 2018), VOL 2 | 2018年
关键词
Secure software development support; security requirements analysis; modeling support system; knowledge base for secure software development;
D O I
10.1109/COMPSAC.2018.10235
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
With the growing number of services on the Internet, the need for secure software development has increased. It is required for secure software development to consider security in the whole development life cycle. It is indispensable for secure software development to use various types of security knowledge. This study deals with security requirement analysis. Existing security requirements modeling systems do not provide a function to create an artifact while referring to security knowledge in an integrated manner. In this paper, the authors develop a modeling support system for a misuse case diagram that enables the association of knowledge with elements that constitute the diagram. The results of an experiment using the system show the system's usefulness in both the integration of the knowledge base with the artifact creation environment and the association of the knowledge with the elements of the diagram.
引用
收藏
页码:234 / 239
页数:6
相关论文
共 50 条
  • [31] Security in Cyberspace: A knowledge-base approach
    vandeRiet, RP
    Junk, A
    Gudes, E
    DATA & KNOWLEDGE ENGINEERING, 1997, 24 (01) : 69 - 96
  • [32] Normalizing Security Events with a Hierarchical Knowledge Base
    Jaeger, David
    Azodi, Amir
    Cheng, Feng
    Meinel, Christoph
    INFORMATION SECURITY THEORY AND PRACTICE, WISTP 2015, 2015, 9311 : 237 - 248
  • [33] A Framework to Construct Knowledge Base for Cyber Security
    Shang, Huaijun
    Jiang, Rong
    Li, Aiping
    Wang, Wei
    2017 IEEE SECOND INTERNATIONAL CONFERENCE ON DATA SCIENCE IN CYBERSPACE (DSC), 2017, : 242 - 248
  • [34] CPIS-compliance Security Requirement Analysis for Software Development
    Jiang Lei
    Yuan Jing
    Ren Weihong
    Zhao Tai
    PROCEEDINGS OF THE 2015 3RD INTERNATIONAL CONFERENCE ON MACHINERY, MATERIALS AND INFORMATION TECHNOLOGY APPLICATIONS, 2015, 35 : 624 - 629
  • [35] A Co-occurrence Recommendation Model of Software Security Requirement
    Xu, Yilin
    Ge, Weimin
    Li, Xiaohong
    Feng, Zhiyong
    Xie, Xiaofei
    Bai, Yude
    2019 13TH INTERNATIONAL SYMPOSIUM ON THEORETICAL ASPECTS OF SOFTWARE ENGINEERING (TASE 2019), 2019, : 41 - 48
  • [36] A Review Paper : Security Requirement Patterns for a Secure Software Development
    Yahya, Syazwani
    Kamalrudin, Massila
    Sidek, Safiah
    Jaimun, Munaliza
    Yusof, Junaidah
    Hua, Ang Kean
    Gani, Paran
    2019 1ST INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE AND DATA SCIENCES (AIDAS2019), 2019, : 146 - 151
  • [37] Security modeling and tool support advantages
    Baadshaug, Egil Trygve
    Erdogan, Gencer
    Meland, Per Hakon
    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS, 2010, : 537 - 542
  • [38] Design and Development of Artificial Intelligence Knowledge Processing System for Optimizing Security of Software System
    Althar R.R.
    Samanta D.
    Purushotham S.
    Sengar S.S.
    Hewage C.
    SN Computer Science, 4 (4)
  • [39] Software support for managing the security of the transmission system CEPS (Czech Power Transmition System)
    Sadecky, Bohumil
    Chladova, Miloslava
    PROCEEDINGS OF THE 12TH INTERNATIONAL SCIENTIFIC CONFERENCE ELECTRIC POWER ENGINEERING 2011, 2011, : 21 - 24
  • [40] Toward improved software security testing using a cyber warfare opposing force (CW OPFOR): the knowledge base design
    Stytz, MR
    Banks, SB
    Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, 2005, 5812 : 130 - 141
12345