Aspect-oriented specification of threat-driven security requirements

Xu, Dianxiang; Goel, Vivek; Nygard, Kendall E.; Wong, W. Eric

doi:10.1504/ijcat.2008.017725

Cited by 8 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Security concerns can either be represented graphically or through written documentation. Graphic representations of security threats and attacks range from the use of fault trees [8], attack trees [3], misuse cases [9][10] [11], anti-goals [12] and Petri net [13][14] models. Written documentation of security threats can be represented through the use of vulnerability databases [15], evaluation criteria [16] or security patterns [17].…”

Section: Related Workmentioning

confidence: 99%

Towards an Enhanced Design Level Security: Integrating Attack Trees with Statecharts

Ariss

2011

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement

Self Cite

View full text Add to dashboard Cite

Software security has become more and more critical as we are increasingly depending on the Internet, an untrustworthy computing environment. Software functionality and security are tightly related to each other; vulnerabilities due to design errors, inconsistencies, incompleteness, and missing constraints in system specifications can be wrongly exploited by security attacks. These two concerns, however, are often handled separately. In this paper we present a threat driven approach that improves on the quality of software through the realization of a more secure functional model. The approach introduces systematic transformation rules and integration steps for mapping attack tree representations into lower level dynamic behavior, then integrates this behavior into statechart-based functional models. Through the focus on both the functional and threat behavior, software engineers can introduce, clearly define and understand security concerns as software is designed. To identify vulnerabilities, our approach then applies security analysis and threat identification to the integrated model.

show abstract

Section: Related Workmentioning

confidence: 99%

Towards an Enhanced Design Level Security: Integrating Attack Trees with Statecharts

Ariss

2011

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement

Self Cite

View full text Add to dashboard Cite

show abstract

“…Alexander discussed a variety of applications of misuse cases beyond security requirements elicitation, such as eliciting general "-ility" requirements, exceptions, and test cases [1]. Built upon the notions of misuse and mitigation use cases, Xu et al [37] have exploited aspect-orientation to capture the crosscutting nature of threats and mitigations so that system requirements are elicited in a more structured way. The structured specification facilitates understanding and analysis of the interplays between functional and security requirements.…”

Section: Related Workmentioning

confidence: 99%

Uml-Based Modeling and Analysis of Security Threats

Kong

Zeng

2010

Int. J. Soft. Eng. Knowl. Eng.

Self Cite

View full text Add to dashboard Cite

Poor design has been a major source of software security problems. Rigorous and designer-friendly methodologies for modeling and analyzing secure software are highly desirable. A formal method for software development, however, often suffers from a gap between the rigidity of the method and the informal nature of system requirements. To narrow this gap, this paper presents a UML-based framework for modeling and analyzing security threats (i.e. potential security attacks) rigorously and visually. We model the intended functions of a software application with UML statechart diagrams and the security threats with sequence diagrams, respectively. Statechart diagrams are automatically converted into a graph transformation system, which has a well-established theoretical foundation. Method invocations in a sequence diagram of a security threat are interpreted as a sequence of paired graph transformations. Therefore, the analysis of a security threat is conducted through simulating the state transitions from an initial state to a final state triggered by method invocations. In our approach, designers directly work with UML diagrams to visually model system behaviors and security threats while threats can still be rigorously analyzed based on graph transformation.

show abstract

“…The system calculates total amount and displays the order. 9. The customer provides shipping information of the order by inputting address.…”

Section: A Event Flow Information Extractionmentioning

confidence: 99%

A resource-based approach to formalize use case specification for web applications

Deng

Liu

2010

2010 IEEE International Conference on Progress in Informatics and Computing

View full text Add to dashboard Cite

Web applications under attack may perform undesirable behaviors against their use case specification.These attacks exploit web vulnerabilities which are usually considered as consequences of abusing web resources. The paper proposes a resource-based approach to formalize use case specification for web applications. The goal of the research is to identify and organize web resources, and to integrate web resources into use cases in a structured way.First, we fIlter web resource information based on the lexical analysis of the original use case specification. Then, we identify hidden web resources that are not listed in the event flow but required during the realization of the event. After that, we organize these web resources into a web resource tree. Finally, the formalized use case specification is constructed into a tree structure along with a defined event flow grammar. The resource-based use case specification enables security analysts to analyze the web vulnerabilities in terms of the resources required by each event. It is helpful to elicit security requirements.

show abstract

Aspect-oriented specification of threat-driven security requirements

Cited by 8 publications

References 25 publications

Towards an Enhanced Design Level Security: Integrating Attack Trees with Statecharts

Towards an Enhanced Design Level Security: Integrating Attack Trees with Statecharts

Uml-Based Modeling and Analysis of Security Threats

A resource-based approach to formalize use case specification for web applications

Contact Info

Product

Resources

About