Goal-oriented security requirements analysis for a system used in several different activities

Haruhiko Kaiya, Takao Okubo, Nobuyuki Kanaya, Yuji Suzuki, Shinpei Ogata, Kenji Kaijiri, Nobukazu Yoshioka

研究成果: Conference contribution

4 被引用数 (Scopus)

抄録

Because an information system is used in different activities simultaneously today, we have to analyze usages of the system in the existing activities and to-be usages in an intended activity together. Especially, security aspects should be carefully analyzed because existing activities are not always secure. We propose a security requirements analysis method for resolving this problem. To take both existing and intended activities into account together, we integrate them on the basis of the unification of common actors. To explore possible attacks under integrated activities, we enumerate achievable attacks on the basis of the possible means in each actor with the help of security knowledge. To avoid or mitigate the attacks and to achieve fundamental goals, we disable some means or narrow down the means to be monitored with the help of propositional logic formulae. Through case studies on insurance business, we illustrated our idea.

本文言語English
ホスト出版物のタイトルAdvanced Information Systems Engineering Workshops - CAiSE 2013 International Workshops, Proceedings
出版社Springer Verlag
ページ478-489
ページ数12
ISBN(印刷版)9783642384899
DOI
出版ステータスPublished - 2013
外部発表はい
イベント25th Conference on Advanced Information Systems Engineering, CAiSE 2013 - Valencia, Spain
継続期間: 2013 6 172013 6 21

出版物シリーズ

名前Lecture Notes in Business Information Processing
148 LNBIP
ISSN(印刷版)1865-1348

Conference

Conference25th Conference on Advanced Information Systems Engineering, CAiSE 2013
国/地域Spain
CityValencia
Period13/6/1713/6/21

ASJC Scopus subject areas

  • 管理情報システム
  • 制御およびシステム工学
  • ビジネスおよび国際経営
  • 情報システム
  • モデリングとシミュレーション
  • 情報システムおよび情報管理

フィンガープリント

「Goal-oriented security requirements analysis for a system used in several different activities」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル