Title :
Extracting security requirements from reality
Author :
Al-Fedaghi, Sabah ; Al-Enazi, Khalid Assaf
Author_Institution :
Comput. Eng. Dept., Kuwait Univ., Safat, Kuwait
Abstract :
In recent years, research efforts have been aimed at providing methodologies and techniques for secure software engineering. In this direction, UMLsec is proposed as a standard extension of UML for expressing security-relevant information. This paper scrutinizes this proposed method for security requirements specification and develops a different basic methodology that can be used for the stated purpose. The paper demonstrates that security considerations need completeness and continuity of specifications to avoid gaps or breaks in the logical sequence of events in systems. Accordingly, the paper presents a flow-based systematic diagramming scheme suitable for these features. We demonstrate the concepts with examples.
Keywords :
Unified Modeling Language; security of data; software engineering; UML; flow based systematic diagramming scheme; security relevant information; software engineering; Business; Computers; Diseases; Frequency modulation; Modeling; Security; Unified modeling language; Security requirements; UML; UMLsec; activity diagrams; conceptual modeling; flow model;
Conference_Titel :
Computer Research and Development (ICCRD), 2011 3rd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-61284-839-6
DOI :
10.1109/ICCRD.2011.5764008
