Title :
PORTAM: Policy, Requirements and Threats Analyzer for Mobile Code Application
Author :
Kaiya, Haruhiko ; Sasaki, Kouta ; Kaijiri, Kenji
Author_Institution :
Dept. of Comput. Sci., Shinshu Univ., Nagano
Abstract :
Users and providers of an information system should clearly understand the threats caused by the system as well as clarify the requirements for the system before they use the system. Especially, they should be very careful when they use a system with components and/or services provided by third parties. However, there are few methods or tools to learn and confirm such issues. In this paper, we present a supporting tool called "PORTAM" for such users and providers to understand the threats and the requirements. Suppose some requirements cannot be satisfied when some threats are avoided, and vice versa. In such cases, they should decide whether the requirements should be satisfied or the threats should be avoided. The tool also helps them to decide such kinds of trade-offs. Current version of this tool handles Java mobile code applications, thus users of our tool can easily feel real threats. Although the current version deals only with Java components, the ideas behind the tool can be applied to software in general. We finally report experimental results to confirm the usefulness and the educational effects of this tool
Keywords :
Java; mobile computing; program diagnostics; program verification; security of data; software tools; Java components; Java mobile code applications; PORTAM tool; mobile code application; policy analysis; requirement analysis; system requirements; threat analysis; Application software; Computer science; Information analysis; Information systems; Internet; Java; Mobile computing; Security; Software systems; Software tools;
Conference_Titel :
Quality Software, 2006. QSIC 2006. Sixth International Conference on
Conference_Location :
Beijing
Print_ISBN :
0-7695-2718-3
DOI :
10.1109/QSIC.2006.47
