Trade-off analysis between security policies for Java mobile codes and requirements for Java application

Author

Kaiya, Haruhiko ; Sasaki, Kouta ; Maebashi, Yasunori ; Kaijiri, Kenji

Author_Institution

Dept. of Comput. Sci., Shinshu Univ., Nagano, Japan

fYear

2003

fDate

8-12 Sept. 2003

Firstpage

357

Lastpage

358

Abstract

We propose a method for analyzing trade-off between security policies for Java mobile codes and requirements for Java application. We assume that mobile codes are downloaded from different sites, they are used in an application on a site, and their functions are restricted by security policies on the site. We clarify which functions to be performed under the policies on the site using our tool [H. Kaiya et al., (2002)]. We also clarify which functions are needed so as to meet the requirements for the application by goal oriented requirements analysis (GORA). By comparing functions derived from the policies and functions from the requirements, we find conflicts between the policies and the requirements, and also find vagueness of the requirements.

Keywords

Java; distributed programming; formal specification; security of data; systems analysis; Java mobile code; goal oriented requirements analysis; security policies; trade-off analysis; Application software; Computer science; Computer security; Electronic learning; International collaboration; Java; Mobile computing; Permission; Privacy; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Requirements Engineering Conference, 2003. Proceedings. 11th IEEE International

ISSN

1090-705X

Print_ISBN

0-7695-1980-6

Type

conf

DOI

10.1109/ICRE.2003.1232785

Filename

1232785