Welcome to IEEE Xplore 2.0: An Aspect-Oriented Approach to Security Requirements Analysis

Cart | Sitemap | Help

Abstract


	BROWSE	SEARCH	IEEE XPLORE GUIDE	SUPPORT

View TOC

An Aspect-Oriented Approach to Security Requirements Analysis
Dianxiang Xu Goel, V. Nygard, K.
Dept. of Comput. Sci., North Dakota State Univ., Fargo, ND;

This paper appears in: Computer Software and Applications Conference, 2006. COMPSAC '06. 30th Annual International
Publication Date: 17-21 Sept. 2006
Volume: 2, On page(s): 79-82
Location: Chicago, IL,
ISSN: 0730-3157
ISBN: 0-7695-2655-1
INSPEC Accession Number: 9165453
Digital Object Identifier: 10.1109/COMPSAC.2006.109
Current Version Published: 2006-12-04

Abstract
This paper presents an aspect-oriented approach to integrated elicitation of functional and security requirements based on use case-driven development. We identify security threats with respect to use cases and adopt threat mitigations for preventing or reducing security threats. To capture crosscutting nature of threats and mitigations, we specify them as aspects that encapsulate pointcuts and advice. A threat (mitigation) pointcut is a collection of join points in use cases at which the use cases are threatened (secured); whereas threat/mitigation advice describes how a threat can become an attack (can be mitigated). Eliciting threats and mitigations as aspects provides a structured way for separating functional and security concerns

Index Terms
Available to subscribers and IEEE members.

References
Available to subscribers and IEEE members.

Citing Documents
Available to subscribers and IEEE members.

You are not logged in.

Guests may access Abstract records free of charge.