L. Chung, "Dealing with Security Requirements During the Development of Information Systems", 5 International Conference on Advanced Information Systems Engineering, 1993.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....called UMLsec, using the standard UML extension mechanisms that encapsulates knowledge on prudent security engineering and thereby make it available to developers who may not be specialized in security. We use a combination of a use case driven process [11] with a goal directed approach [3]. This enables us to make use of results from object oriented analysis for functional requirements and to complement these with the formulation of goals especially suited for non functional requirements. Currently a large part of e ort both in implementing and verifying security relevant speci ....

....system one identi es the functional and non functional requirements of the system. Functional requirements describe which services a system should o er. Non functional (or quality) requirements describe qualities of these services, such as fault tolerance, performance and security aspects [3] (for example, secrecy is called nonfunctional because it describes not what a system should do (e.g. send some data) but how it should do it (e.g. send the data in a way that prevents illegitimate access) While much research in software engineering research was focussed on specifying ....

[Article contains additional citation context not shown here]

L. Chung. Dealing with security requirements during the development of information systems. In CAiSE '93, 5th Int. Conf. Advanced Information Systems Engineering. Springer-Verlag, 1993.

....[8] it is argued that security requirements vary with the perspective taken. The authors identify five different perspectives which are closely related to the elements of a workflow specification. In a further step, they define ALMOST , a language for modeling secure business transactions. Chung [9] describes a process oriented approach to rep resent security requirements as a special case of non functional (or quality) requirements as potentially conflict ing or harmonious goals and uses them during the develp ment of software systems. Finally, in [10] the Use Case Models of the Unified ....

Lawrence Chung, "Dealing with Security Requirements During the Development of Information Systems," in Advanced Information Systems Engineering, CAiSE93, Colette Rolland, Franqois Bodart, and Crorine Cauvet, Eds., Paris, France, June 1993, vol. 685 of Lecture Notes in Computer Science, pp. 234251, Springer.

....requirements that have nothing to do with security. These can be generated from either a front end threat analysis or from a post hoc reaction to an operational attack. Building on existing work in goaloriented requirements engineering, some researchers have started to tackle this problem [Chun93, JF01, Yu00]. Also, abuse cases [MF99] and misuse cases [SO01] have demonstrated how one can make explicit, and counteract, threatening scenarios. This literature has generated a challenging research agenda and highlighted our view that existing requirements engineering methods can go some way towards ....

L. Chung, "Dealing with Security Requirements During the Development of Information Systems", In Proc. CAiSE '93, 5th Int. Conf. Advanced Information Systems Engineering, Colette Rolland, Francois Bodart, Corine Cauvet (Eds.). Springer, 1993.

....verification techniques is that they are fully formal and therefore the protocols can be proven correct. 13 2.3. The NFR framework for modelling security in requirements engineering The NFR Framework was developed by Mylopoulos [Myl92] Detailed explanations about the framework can be found in [Chu93] Chu2K] We will present a brief summary. The NFR Framework helps developers deal with non functional requirements (NFRs) during software development. The framework helps developers express NFRs explicitly, deal with them systematically, and use them to drive the software development process ....

....and clients. NFR is based on a qualitative reasoning process. Because security requirements are often critical and global, we would like to reason about them in a formal language that allows for property verification. NFR is thus not suited for that purpose. As the authors point out themselves [Chu93] the scope of dealing with security in NFR is applied mainly to operational security , concerning run time operation, as opposed to developmental, concerning the development stage. 16 2.4. Scope of our approach We briefly reviewed some frameworks for expressing and reasoning about security. ....

L. Chung, "Dealing With Security Requirements During the Development of Information Systems." In C. Rolland, F. Bodat and C. Cauvet (Eds.), Advanced Information Systems Engineering, Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993, pp. 234--251.

....individual components. Recent work by both researchers [14] and practitioners [69] has investigated how to model NFRs and to express them in a form that is measurable or testable. There also is a growing body of research concerned with particular kinds of NFRs, such as safety [49; 55] security [13], reliability [19] and usability [42] 5.6 Analysing Requirements Models A primary benefit of modelling requirements is the opportunity this provides for analysing them. Analysis techniques that have been investigated in RE include requirements animation [32] automated reasoning (e.g. ....

Chung, L. (1993). Dealing with Security Requirements During the Development of Information Systems. 5th International Conference on Advanced Information Systems Engineering (CAiSE'93),Paris, France, 1993, pp. 234-251.

....for goal decomposition and satisficing. These methods are meant to be domain specific in the sense that there will be different methods for decomposing security goals as opposed to userfriendliness ones. The framework is explored in detail for performance and security requirements in [Nixo93] and [Chun93a]. Software development domain: More specialized work has also been carried out in the modeling and representation of the process of software development. An implementation of Telos, called ConceptBase, was used to represent requirements, design, implementations along with design rationale, ....

Chung, L., "Dealing with security requirements during the development of information systems," in

....on NFRs. We report herein on interviews conducted to date with experts familiar with systems used in some of the kinds of organisations studied. The twin starting points for this paper are the NFRFrameworkand its tool (applications of which are reviewed in Section 2) and studies of credit card [47, 11], public health insurance [10] and government administration (Cabinet Documents [10] and Taxation Appeals [48] information systems (Appendix A) Due to space limits, the credit card study is described more fully in the Appendix than the other two studies, the details of which are in a longer ....

....For the credit card studies, we have made contacts for further interviews. Some of the responses may generalise in applicability to some of the classes of systems studied. We distributed a draft of this paper, a questionnaire, and where appropriate, more detailed versions of the studies (including [10, 48, 47, 11]) Due to time constraints on the part of the authors, there was not always sufficient time for these interviewees to fully review our material. Major Findings. NFR Framework. The interviewees said that the framework and its components would be helpful for developers, and can be helpful in the ....

[Article contains additional citation context not shown here]

L. Chung, "Dealing With Security Requirements During the Development of Information Systems." In C. Rolland, F. Bodat and C. Cauvet (Eds.), Advanced Information Systems Engineering, Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993, pp. 234--251.

....Section 6) in a knowledge base such expert knowledge about sorts, decompositions, correlations and satisficing goals, for some specific NFRs. This study draws on those catalogues, which were developed as parts of specialisations of the NFR Framework to deal with accuracy, security and performance [7, 10, 9, 46, 47, 48, 49]. Such catalogues are available to the developer throughout the development process. In addition, developers can define and use their own methods. Using another method, the security goal is decomposed into goals for accuracy, confidentiality and availability, which are the major components of ....

....and organised in such a way to be available to the developer at the time of both the initial development and its subsequent changes. An important role of the NFR Framework is to help in organising such knowledge and to make them available to the developer as needed. In several of our studies [14, 47, 9, 10, 48, 49], this cataloguing of knowledge has been helpful, and was typically performed early. The NFR Framework allows for acquisition and representation of knowledge about the domain being developed. This might include representation of functional requirements, schema, priorities and workload. Memory ....

[Article contains additional citation context not shown here]

L. Chung, "Dealing With Security Requirements During the Development of Information Systems." In C. Rolland, F. Bodat and C. Cauvet (Eds.), Advanced Information Systems Eng., Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993. Berlin: SpringerVerlag, 1993, pp. 234--251.

....in terms of changes in the components. This paper extends the usage of the NFR Framework [27, 9] by using its facilities to deal with change. This is illustrated by an initial study of dealing with change in a bank loan system. This draws on our studies of attaining quality for banking systems [31, 9, 10, 11]. The combination of performance and requirements for accuracy, timeliness and informativeness, is also treated in more detail than in [11] We also offer guidelines for consistently managing historical records in the presence of changes in the world. In Section 2 the NFR Framework is illustrated ....

....information be confirmed in writing for informativeness. Selecting the satisficing goal of confirmation contributes not only to meeting (shown with p in figure) informativeness but also accuracy, which in turn helps security. In order to support the development process, we have catalogued [7, 10, 9, 30, 31, 32] in a knowledge base such expert knowledge about sorts, decompositions, correlations 1 Since goals representing NFRs are rarely satisfied in a clear cut sense, but decisions do contribute to, or hinder, a particular goal, we use goal satisficing [35] when software is expected to satisfy NFRs ....

[Article contains additional citation context not shown here]

L. Chung, "Dealing With Security Requirements During the Development of Information Systems." In Advanced Information Systems Eng., Proc., 5th Int. Conf. CAiSE '93, Paris, France. Berlin: Springer-Verlag, 1993, pp. 234--251.

....for systematically dealing with NFRs during the process of architectural design. The NFR Framework [7] 30] aims to improve software quality [9] 10] and has been tested on system types with a variety of NFRs, including accuracy, security and performance. Systems studied [13] include credit card [34, 8], public health insurance [7] government administration (Cabinet Documents [7] and Taxation Appeals [35] and bank loan [12] information systems. The last study considered dealing with changes in requirements, including informativeness. The NFR Framework also has an associated prototype tool: the ....

....[12] information systems. The last study considered dealing with changes in requirements, including informativeness. The NFR Framework also has an associated prototype tool: the NFR Assistant [11] has been designed and implemented to deal with a variety of NFRs, primarily security, accuracy [7] [8], and (in progress) performance [35] The NFR Framework has been one of the subjects in a comparative study on several goal oriented approaches by Finkelstein and Green [15] who use the meeting scheduler example as a basis of comparison. There are other uses of the NFR Framework, including ....

Lawrence Chung, "Dealing With Security Requirements During the Development of Information Systems." In Colette Rolland, Fran¸cois Bodat and Corine Cauvet (Editors), Advanced Information Systems Engineering, Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993. Berlin: Springer-Verlag, 1993, pp. 234--251.

....studies is to provide an analysis of quality requirements and the development decisions that might be made, given such requirements. The twin starting points for this paper are the NFR Framework and its tool (applications of which are reviewed in Section 2) and studies of credit card [Nixon93] Chung93b] public health insurance [Chung93a] and government administration (Cabinet Documents [Chung93a] and Taxation Appeals [Nixon94] information systems (Appendices A, B and C) The present paper, then, extends this material with a methodology for using the NFR Framework to deal with quality and ....

....workload for an hypothetical large bank, assuming it has 15 of the national market. It would have 3 600 000 cards in circulation and 90 000 merchants; each day it would deal with 217 000 sales slips, 218 lost or stolen cards, and 19 cards used fraudulently. Treatment of NFRs. We examined [Chung93b] Nixon93] some organizations documents [Canadian Bankers91] Visa Canada90] Visa International91] MasterCard91] which show differences in domain characteristics as well as in the types of NFRs. For a commercial credit card system, quality is very important, as the market is highly ....

[Article contains additional citation context not shown here]

Lawrence Chung, "Dealing With Security Requirements During the Development of Information Systems." In Colette Rolland, Fran¸cois Bodat and Corine Cauvet (Editors), Advanced Information Systems Engineering, Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993. Berlin: SpringerVerlag, 1993, pp. 234--251.

No context found.

Lawrence Chung, "Dealing With Security Requirements During the Development of Information Systems. " In Colette Rolland, Francois Bodat and Corine Cauvet (Editors), Advanced Information Systems Engineering, Proc., 5th Int. Conf. CAiSE '93, Paris, France, June 8--11, 1993. Berlin: Springer-Verlag, 1993, pp. 234--251.

No context found.

L. Chung, "Dealing with Security Requirements During the Development of Information Systems", 5 International Conference on Advanced Information Systems Engineering, 1993.

No context found.

L. Chung, "Dealing with Security Requirements During the Development of Information Systems", Proc.of5thInt. Conference on Advanced Information Systems Engineering (CAiSE'93), 234-251, Paris, France, Springer-Verlag, 1993.

No context found.

L. Chung, "Dealing with Security Requirements During the Development of Information Systems", 5 International Conference on Advanced Information Systems Engineering, 1993.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC