• DocumentCode
    545372
  • Title

    Extracting security requirements from reality

  • Author

    Al-Fedaghi, Sabah ; Al-Enazi, Khalid Assaf

  • Author_Institution
    Comput. Eng. Dept., Kuwait Univ., Safat, Kuwait
  • Volume
    1
  • fYear
    2011
  • fDate
    11-13 March 2011
  • Firstpage
    221
  • Lastpage
    228
  • Abstract
    In recent years, research efforts have been aimed at providing methodologies and techniques for secure software engineering. In this direction, UMLsec is proposed as a standard extension of UML for expressing security-relevant information. This paper scrutinizes this proposed method for security requirements specification and develops a different basic methodology that can be used for the stated purpose. The paper demonstrates that security considerations need completeness and continuity of specifications to avoid gaps or breaks in the logical sequence of events in systems. Accordingly, the paper presents a flow-based systematic diagramming scheme suitable for these features. We demonstrate the concepts with examples.
  • Keywords
    Unified Modeling Language; security of data; software engineering; UML; flow based systematic diagramming scheme; security relevant information; software engineering; Business; Computers; Diseases; Frequency modulation; Modeling; Security; Unified modeling language; Security requirements; UML; UMLsec; activity diagrams; conceptual modeling; flow model;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Research and Development (ICCRD), 2011 3rd International Conference on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-1-61284-839-6
  • Type

    conf

  • DOI
    10.1109/ICCRD.2011.5764008
  • Filename
    5764008
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=545372