A Pattern System for Security Requirements Engineering

Author

Hatebur, Denis ; Heisel, Maritta ; Schmidt, Holger

Author_Institution

Dept. of Comput. Sci., Univ. Duisburg-Essen, Essen

fYear

2007

fDate

10-13 April 2007

Firstpage

356

Lastpage

365

Abstract

We present a pattern system/or security requirements engineering, consisting of security problem frames and concretized security problem frames. These are special kinds of problem frames that serve to structure, characterize, analyze, and finally solve software development problems in the area of software and system security. We equip each frame with formal preconditions and postconditions. The analysis of these conditions results in a pattern system that explicitly shows the dependencies between the different frames. Moreover, we indicate related frames, which are commonly used together with the considered frame. Hence, our approach helps security engineers to avoid omissions and to cover all security requirements that are relevant for a given problem

Keywords

formal specification; object-oriented methods; security of data; pattern system; security problem frames; security requirement engineering; software development; software security; system security; Authentication; Computer science; Computer security; Data security; Instruments; Pattern analysis; Programming; Reliability engineering; Software engineering; Software systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on

Conference_Location

Vienna

Print_ISBN

0-7695-2775-2

Type

conf

DOI

10.1109/ARES.2007.12

Filename

4159824