A system for seamless support from security requirements analysis to security design using a software security knowledge base

Atsuo Hazeyama, Hikaru Miyahara, Takafumi Tanaka, Hironori Washizaki, Haruhiko Kaiya, Takao Okubo, Nobukazu Yoshioka

研究成果: Conference contribution

抄録

Owing to the widespread use of the internet, software services are being provided to millions of consumers and the importance of software security has increased considerably. Specifically, difficulties in developing a security design based on the results of a security requirements analysis are a focal point for investigation. One promising approach for addressing these difficulties is to create a knowledge base for secure software development and a process for utilizing it. The information obtained regarding the security design of the knowledge base, which is associated with the knowledge used in the security requirements analysis, can be considered during the design phase. This paper describes the development of a system that seamlessly supports the design phase based on the results of a security requirements analysis and the knowledge base. We then present an example to demonstrate the usefulness of the proposed system. This knowledge base maintains an association between knowledge types and is traceable. Therefore, if the knowledge used to create a type of artifact evolves, it is possible to detect artifacts used knowledge associated with it.

本文言語English
ホスト出版物のタイトルProceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019
出版社Institute of Electrical and Electronics Engineers Inc.
ページ134-140
ページ数7
ISBN(電子版)9781728151656
DOI
出版ステータスPublished - 2019 9
イベント27th IEEE International Requirements Engineering Conference Workshops, REW 2019 - Jeju Island, Korea, Republic of
継続期間: 2019 9 232019 9 27

出版物シリーズ

名前Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019

Conference

Conference27th IEEE International Requirements Engineering Conference Workshops, REW 2019
国/地域Korea, Republic of
CityJeju Island
Period19/9/2319/9/27

ASJC Scopus subject areas

  • コンピュータ ネットワークおよび通信
  • ソフトウェア
  • 安全性、リスク、信頼性、品質管理
  • 人工知能

フィンガープリント

「A system for seamless support from security requirements analysis to security design using a software security knowledge base」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル