Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Generic Misuse Case: Spoof User Access
Security Use Case: Atm Authorization
Related Work
Discussion and Conclusions
References
All Topics
Computer Science
Cybersecurity

A reuse-based approach to determining security requirements

Profile image of Donald FiresmithDonald Firesmith

2003, Proceedings of the 9th international workshop on requirements engineering: foundation for software quality (REFSQ’03), Klagenfurt, Austria

Abstract

The paper proposes a reuse-based approach to determining security requirements. Development for reuse involves identifying security threats and associated security requirements during application development and abstracting them into a repository of generic threats and requirements. Development with reuse involves identifying security assets, setting security goals for each asset, identifying threats to each goal, analysing risks and determining security requirements, based on reuse of generic threats and ...

Related papers

Based on a Security Requirements Engineering Process
Daniel Mellado

2010

Integration of security into the early stages of the system development is necessary to build secure systems. However, in the majority of software projects security is dealt with when the system has already been designed and put into operation. This paper will propose an approach called SREP (Security Requirements Engineering Process) for the development of secure software. We will present an iterative and incremental micro-process for the security requirements analysis that is repeatedly performed at each phase. It integrates the Common Criteria into the software lifecycle model as well as it is based on the reuse of security requirements, by providing a security resources repository. In brief, we will present an approach which deals with the security requirements at the early stages of software development in a systematic and intuitive way, and which also conforms to ISO/IEC 17799:2005.

View PDFchevron_right
Specifying Reusable Security Requirements
Donald Firesmith

2004

Abstract Unlike typical functional requirements, security requirements can potentially be highly reusable, especially if specified as instances of reusable templates. In this column, I will discuss the concepts underlying security engineering including its quality subfactors. I will then address the issue of security requirements and how they differ from the architectural mechanisms that will fulfill them.

View PDFchevron_right
A common criteria based security requirements engineering process for the development of secure information systems
Eduardo Medina

Computer Standards & Interfaces, 2007

In order to develop security critical Information Systems, specifying security quality requirements is vitally important, although it is a very difficult task. Fortunately, there are several security standards, like the Common Criteria (ISO/IEC 15408), which help us handle security requirements. This article will present a Common Criteria centred and reuse-based process that deals with security requirements at the early stages of software development in a systematic and intuitive way, by providing a security resources repository as well as integrating the Common Criteria into the software lifecycle, so that it unifies the concepts of requirements engineering and security engineering.

View PDFchevron_right
SREP: A Proposal for Establishing Security Requirements for the Development of Secure Information Systems
Daniel Mellado

Nowadays, security solutions are mainly focused on providing security defences, instead of solving one of the main reasons for security problems that refers to an appropriate Information Systems (IS) design. In this paper a proposal for establishing security requirements for the development of secure IS is presented. Our approach is an asset-based and risk-driven method, which is based on the reuse of security requirements, by providing a security resources repository, together with the integration of the Common Criteria into traditional software lifecycle model, so that it conforms to ISO/IEC 15408. Starting from the concept of iterative software construction, we will propose a micro-process for the security requirements analysis, that is repeatedly performed at each level of abstraction throughout the incremental development. In brief, we will present an approach which deals with the security requirements at the first stages of software development in a systematic and intuitive way, and which conforms to ISO/IEC 17799:2005.

View PDFchevron_right
Reusable knowledge in security requirements engineering: a systematic mapping study
Camille Salinesi

Requirements Engineering, 2015

Security is a concern that must be taken into consideration starting from the early stages of system development. Over the last two decades, researchers and engineers have developed a considerable number of methods for security requirements engineering. Some of them rely on the (re) use of security knowledge. Despite some existing surveys about security requirements engineering, there is not yet any reference for researchers and practitioners that presents in a systematic way the existing proposals, techniques, and tools related to security knowledge reuse in security requirements engineering. The aim of this paper is to fill this gap by looking into drawing a picture of the literature on knowledge and reuse in security requirements engineering. The questions we address are related to methods, techniques, modeling frameworks, and tools for and by reuse in security requirements engineering. We address these questions through a systematic mapping study. The mapping study was a literature review conducted with the goal of identifying, analyzing and categorizing state of the art research on our topic. This mapping study analyzes more than thirty approaches, covering twenty years of research in security requirements engineering. The contributions can be summarized as follows: (i) a framework was defined for analyzing and comparing the different proposals as well as categorizing future contributions related to knowledge reuse and security requirements engineering; (ii) the different forms of knowledge representation and reuse were identified; and (iii) previous surveys were updated. We conclude that most methods should introduce more reusable knowledge to manage security requirements.

View PDFchevron_right
Using the Common Criteria to Elicit Security Requirements with Use Cases
Caroline Eastman

Proceedings of the IEEE SoutheastCon 2006

The Common Criteria is often too confusing and technical for non-security specialists to understand and therefore properly use. At the same time, it is essential that security critical IT products under development be validated according to such standards not after but rather during the software engineering process. To help address these issues, this paper presents an approach to eliciting security requirements for IT systems with use cases using Common Criteria methodologies. The approach involves using actor profiles to derive threats, mapping derived threats to security objectives, and mapping objectives to security requirements using a CC Toolbox data set. Our aim is to ensure that security issues are considered early during requirements engineering while making the Common Criteria more readily available to end-users in an understandable context. Violet, an open source UML diagram modeling tool, has been extended to implement the approach from a use case textual description perspective.

View PDFchevron_right
Reusing security requirements using an extended quality model
Daniel Mendez

2010

A reoccurring problem in software engineering constitutes ensuring sufficient completeness of requirements specifications with economically justifiable efforts. Formulating precise quality requirements and especially security requirements is elaborate as they depend on many stakeholders and technological aspects that are often unclear in early project phases. Threats that may have a severe impact on the software product are sometimes not even known. One approach to tackle this situation is reusing quality requirements, because they are to a high degree similar in different software products. The effect can be higher quality while at the same time saving time and budget.

View PDFchevron_right
Incorporating Security Requirements into the Software Development Process
Maria Karyda

2005

Security requirements, such as authentication, confidentiality, authorization, availability, integrity and privacy, are becoming extremely common in software development processes. However, in practical terms, it has been proved that only rarely the developed software fulfils the related security requirements. The reason for this is twofold. On one hand software developers are not security experts and thus they are not competent in selecting and applying the appropriate security countermeasures. On the other hand, many security requirements are intrinsically difficult to deal with. This paper aims to address both of the aforementioned issues and to introduce potential solutions. It starts by analysing the major security requirements, and goes on to explore how they can be mapped into concrete security solutions or/and mechanisms. Then, it examines how the fulfilment of security requirements influences the choice of development methodologies and paradigms (with the emphasis being on the design phase), so that the requirements are effectively satisfied. The discussion covers object-oriented and aspect-oriented programming, the Rational Unified Process, UML and UMLsec, as well as security patterns, with regard to the ways they can support the use of security solutions or/and mechanisms.

View PDFchevron_right

References (38)

  1. I. Jacobson, M. Christerson, P. Jonsson, and G. Overgaard, Object-Oriented Software Engineering: A Use Case Driven Approach. Boston: Addison-Wesley, 1992.
  2. L. L. Constantine and L. A. D. Lockwood, Software for Use: A Practical Guide to the Models and Methods of Usage- Centered Design: ACM Press, 1999.
  3. A. Cockburn, Writing Effective Use Cases. Boston: Addison-Wesley, 2001.
  4. J. Rumbaugh, "Getting Started: Using use cases to capture requirements," Journal of Object-Oriented Programming, pp. 8- 23, 1994.
  5. D. Kulak and E. Guiney, Use Cases: Requirements in Context: ACM Press, 2000.
  6. K. Weidenhaupt, K. Pohl, M. Jarke, and P. Haumer, "Scenario Usage in System Development: A Report on Current Practice," IEEE Software, vol. 15, pp. 34-45, 1998.
  7. G. Sindre and A. L. Opdahl, "Eliciting Security Requirements by Misuse Cases," presented at TOOLS Pacific 2000, Sydney, 2000.
  8. G. Sindre and A. L. Opdahl, "Templates for Misuse Cases," presented at REFSQ'2001, Interlaken, 2001.
  9. G. Sindre, A. L. Opdahl, and G. F. Breivik, "Generalization/Specialization as a Structuring Mechanism for Misuse Cases," presented at 2nd Symposium on Requirements Engineering for Information Security, Raleigh, NC, 2002.
  10. I. F. Alexander, "Initial Industrial Experience of Misuse Cases in Trade-Off Analysis," presented at RE'02, Essen, 2002.
  11. I. F. Alexander, "Misuse Cases, Use Cases with Hostile Intent," IEEE Software, vol. 20, pp. 58-66, 2003.
  12. J. McDermott, "Abuse-Case-Based Assurance
  13. Arguments," presented at 17th Annual Computer Security Applications Conference (ACSAC'01), 2001.
  14. I. F. Alexander, "Modelling the Interplay of Conflicting Goals with Use and Misuse Cases," presented at 8th International Workshop on Requirements Engineering: Foundation for Software Quality, Essen, Germany, 2002.
  15. J. McDermott and C. Fox, "Using Abuse Case Models for Security Requirements Analysis," presented at 15th Annual Computer Security Applications Conference (ACSAC'99), 1999.
  16. D. Firesmith, "Security Use Cases," Journal of Object Technology, vol. 2, pp. 53-64, 2003.
  17. R. Crook, D. Ince, L. Lin, and B. Nuseibeh, "Security Requirements Engineering: When Anti-Requirements Hit the Fan," presented at IEEE International Requirements Engineering Conference (RE'02), Essen, Germany, 2002.
  18. D. Firesmith, "Engineering Security Requirements," Journal of Object Technology, vol. 2, pp. 53-68, 2003.
  19. A. I. Anton, R. A. Carter, A. Dagnino, J. H. Dempster, and D. F. Siege, "Deriving Goals from a Use Case Based Requirements Specification," Requirements Engineering Journal, vol. 6, pp. 63-73, 2001.
  20. A. I. Anton and J. B. Earp, "Strategies for Developing Policies and Requirements for Secure Electronic Commerce Systems," presented at 1st ACM Workshop on Security and Privacy in E-Commerce, 2000.
  21. T. Biggerstaff and C. Richter, "Reusability Framework, Assessment and Directions," IEEE Software, vol. 4, pp. 41-49, 1987.
  22. A. van Lamsweerde, "Requirements Engineering in the Year 00: A Research Perspective," presented at ICSE'2000, Limerick, Ireland, 2000.
  23. M. Mannion, B. Keepence, H. Kaindl, and J. Wheadon, "Reusing Single System Requirements from Application Family Requirements," presented at ICSE'99, Los Angeles, CA, 1999.
  24. R. R. Lutz, "Towards Safe Reuse of Product Family Specifications," presented at SSR'99, Los Angeles, CA, 1999.
  25. M. Daneva, "Measuring Reuse of SAP Requirements: a Model-based Approach," presented at SSR'99, Los Angeles, CA, 1999.
  26. E.-A. Karlsson, "Software Reuse: A Holistic Approach," in Wiley Series in Software Based Systems: John Wiley & Sons, 1995.
  27. G. Sindre, R. Conradi, and E.-A. Karlsson, "The REBOOT Approach to Software Reuse," Journal of Systems and Software, vol. 30, pp. 201-212, 1995.
  28. W. Tracz, "Software Reuse Myths," ACM SIGSOFT Software Engineering Notes, vol. 13, pp. 17-21, 1988.
  29. H. Reubenstein and R. Waters, "The Requirements Apprentice: Automated assistance for requirements acquisition," IEEE Software, vol. 17, pp. 226-240, 1991.
  30. N. A. M. Maiden and A. G. Sutcliffe, "Exploiting Reusable Specifications through Analogy," Communications of the ACM, vol. 35, pp. 55-64, 1992.
  31. P. Massonet and A. van Lamsweerde, "Analogical Reuse of Requirements Frameworks," presented at 3rd International Conference on Requirements Engineering, Washington DC, 1997.
  32. O. Lopez, M. A. Laguna, and F. J. Garcia, "Reuse-based Analysis and Clustering of Requirements Diagrams," presented at 8th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ'02), Essen, Germany, 2002.
  33. W. Lam, "Scenario reuse: A technique for complementing scenario-based requirements engineering approaches," presented at 4th Asia Pacific Software Engineering and International Computer Science Conference (APSEC'97 / ICSC'97), Hong Kong, 1997.
  34. H. G. Woo and W. N. Robinson, "Reuse of Scenario Specifications Using an Automated Relational Learner: A Lightweight Approach," presented at IEEE Joint Conference on Requirements Engineering (RE'02), Essen, Germany, 2002.
  35. A. Toval, J. Nicolas, B. Moros, and F. Garcia, "Requirements Reuse for Improving Information Systems Security: A Practitioner's Approach," Requirements Engineering Journal, vol. 6, pp. 205-219, 2002.
  36. CCIMB, "Common Criteria for Information Technology Security Evaluation," Common Criteria Implementation Board, Technical Report CCIMB-99-031, August 1999.
  37. A. van Lamsweerde and E. Letier, "Handling Obstacles in Goal-Oriented Requirements Engineering," IEEE Transactions on Software Engineering, vol. 26, pp. 978-1005, 2000.
  38. E. Yu and L. Liu, "Modelling Trust in the i* Strategic Actors Framework," presented at 3rd Workshop on Deception, Fraud and Trust in Agent Societies, Barcelona, 2000.

Related papers

Towards a Catalogue of Reusable Security Requirements, Vulnerabilities and Threats
Alberto Da Silva

2018

Organizations are giving more importance to secure their systems due to the increasing number of cyber-attacks and inherent complexity. The aim of our work is help organizations plan and consider these security concerns from the very beginning, since the requirements and design phases, and not just later in the implementation or deployment phases. Consider security-bydesign and security-by-default principles are good approaches to avoid rework costs or to mitigate security flaws. However, there is not yet a suitable approach to specify security requirements in a rigorous and systematic way. In this paper we propose an approach that allows the definition and specification of security-specific concerns like security requirements but also vulnerabilities, risks or threats. We discuss this approach based on two key parts: First, we introduce the RSLingo RSL language, that is a rigorous requirements specification language, and discuss how it is extended to support such security-specific concepts. Second, we claim the relevance for a catalogue of reusable security-specific specifications and then we show concrete examples of defining and using such specifications. The proposed catalogue can be easily used and extended by the community and involves currently 52 goals, 12 vulnerabilities and 31 risks; these concerns are defined into 9 packages each one representing a distinct asset.

View PDFchevron_right
Analyzing and Specifying Reusable Security Requirements
Donald Firesmith

2003

ABSTRACT A system cannot have high assurance if it has poor security, and thus, requirements for high assurance systems will logically include security requirements as well as availability, reliability, and robustness requirements. Unlike typical functional requirements, security requirements can potentially be highly reusable, especially if specified as instances of reusable templates.

View PDFchevron_right
Requirements Reuse for Improving Information Systems Security: A Practitioner’s Approach
Fernando García

Requirements Engineering, 2002

Information systems security issues have usually been considered only after the system has been developed completely, and rarely during its design, coding, testing or deployment. However, the advisability of considering security from the very beginning of the system development has recently begun to be appreciated, and in particular in the system requirements specification phase.

View PDFchevron_right
Reusable Security Requirements Repository Implementation Based on Application/System Components
Ferda Özdemir

IEEE Access, 2021

Forming high quality requirements has a direct impact on project success. Gathering security requirements could be challenging, since it demands a multidisciplinary approach and security expertise. Security requirements repository enables an effective alternative for addressing this challenge. The main objective of this paper is to present the design of a practical repository model for reusable security requirements, which is easy to use and understand for even non-security experts. The paper also portrays an approach and a software tool for using this model to determine subtle security requirements for improved coverage. Proposed repository consists of attributes determined by examining common security problems covered in state-of-the-art publications. A test repository was prepared using specification files and Common Criteria documents. The outcomes of applying the proposed model were compared with the sample requirement sets included in the state-of-the-art publications. The results reveal that in the absence of a security requirements repository, key security points can be missed. Repository improves the completeness of the security terms with reasonable effort.

View PDFchevron_right
Applying a security requirements engineering process
Daniel Mellado

2006

Nowadays, security solutions are mainly focused on providing security defences, instead of solving one of the main reasons for security problems that refers to an appropriate Information Systems (IS) design. In fact, requirements engineering often neglects enough attention to security concerns. In this paper it will be presented a case study of our proposal, called SREP (Security Requirements Engineering Process), which is a standard-centred process and a reuse-based approach which deals with the security requirements at the earlier stages of software development in a systematic and intuitive way by providing a security resources repository and by integrating the Common Criteria into the software development lifecycle. In brief, a case study is shown in this paper demonstrating how the security requirements for a security critical IS can be obtained in a guided and systematic way by applying SREP.

View PDFchevron_right

Related topics

  • Security Requirements
  • Requirement Engineering
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved