Aspect-oriented specification of threat-driven security requirements
نویسندگان
چکیده
This paper presents an aspect-oriented approach to integrated specification of functional and security requirements based on use-case-driven software development. It relies on explicit identification of security threats and threat mitigations. We first identify security threats with respect to use-case-based functional requirements in terms of security goals and the STRIDE category. Then, we suggest threat mitigations for preventing or reducing security threats. To capture the crosscutting nature of threats and mitigations, we specify them as aspects that encapsulate pointcuts and advice. This provides a structured way for separating functional and security concerns and for analysing the interaction between them.
منابع مشابه
A Metadata-Driven Approach for Aspect-Oriented Requirements Analysis
This paper presents a metadata-driven approach based on aspect-oriented requirements analysis. This approach has been defined in cooperation with the European Space Agency in the context of the “Aspect Specification for the Space Domain” (ASSD) project. ASSD aims at assessing the applicability and usefulness of aspect-orientation for the space domain (ground segment software projects in particu...
متن کاملSituation-Aware Contract Specification Language for Middleware for Ubiquitous Computing
Ubicomp applications are characterized as situationaware, frequently-and-ephemerally-communicated and QoS-properties-associated. Using middleware to provide multiple QoS support for these ubicomp applications will enhance the development of the ubicomp applications. To satisfy the different QoS requirements of various applications in ubicomp environments, which are heterogeneous and resource-va...
متن کاملSecurity Concerns in an Aspect-Oriented Modeling Approach
Security concerns are present in many software solutions and products. While the functional requirements most often drive the development of models in Model Driven Development (MDD), the modeling of non-functional concerns is equaling important for a high quality solution. Aspect Oriented Modeling (AOM) is an MDD approach that helps develop higher quality solutions by considering various requir...
متن کاملConsequences of Security Aspect Interactions on Aspect-Oriented Modeling
Non-functional concerns are present in all software solutions and products. While the functional requirements most often drive the development of models in Model Driven Development (MDD), the modeling of non-functional concerns, such as security, is equally important for a high quality solution. The security concerns within a solution are often crosscutting, non-orthogonal and of a diverse natu...
متن کاملDecision Support for Choice of Security Solution: The Aspect-Oriented Risk Driven Development (AORDD)Framework
Security critical systems development needs to integrate both project and product risks assessment into the development. Such systems need to balance time to market constraints, cost demands, functional requirement, as well as security requirements. This advocate the use of techniques that support costeffective and risk-driven development. The aspect-oriented risk-driven development (AORDD) fra...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJCAT
دوره 31 شماره
صفحات -
تاریخ انتشار 2008