Aligning security requirements and security assurance using the common criteria

Kenji Taguchi*, Nobukazu Yoshioka, Takayuki Tobita, Hiroyuki Kaneko

*Corresponding author for this work

Research output: Conference contribution

9 Citations (Scopus)

Abstract

This paper presents a new approach, which attempts to provide a basic framework in which security requirements and security assurance can be aligned in a uniform and concise way in a single requirements modelling methodology. This framework aims at providing a security requirements modelling method for the system development as well as security assurance under the Common Criteria (IEC/ISO 15408), an international standard for security assurance and evaluation for IT products. We will adopt use case diagrams as a basis for this modelling method and extend them based on a meta model derived from the Common Criteria, which includes all relevant security concepts and their relationships for an analysis of security threats. We take Multi Function Peripherals (MFPs) as a working example and demonstrate how our proposed modelling method can effectively elicit/analyze security requirements in this paper.

Original language: English
Title of host publication: SSIRI 2010 - 4th IEEE International Conference on Secure Software Integration and Reliability Improvement
Pages: 69-77
Number of pages: 9
Publication status: Published - 2010
Externally published: Yes
Event: 4th IEEE International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2010 - Singapore, Singapore
Duration: 2010 Jun 9 to 2010 Jun 11

Publication series

Name: SSIRI 2010 - 4th IEEE International Conference on Secure Software Integration and Reliability Improvement

Conference

Conference: 4th IEEE International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2010
Country/Territory: Singapore
City: Singapore
Period: 10/6/9 to 10/6/11

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
