Aspect-oriented specification of threat-driven security requirements. (28th March 2008)

Record Type:: Journal Article
Title:: Aspect-oriented specification of threat-driven security requirements. (28th March 2008)
Main Title:: Aspect-oriented specification of threat-driven security requirements
Authors:: Xu, Dianxiang
Goel, Vivek
Nygard, Kendall E.
Eric Wong, W.
Abstract:: This paper presents an aspect-oriented approach to integrated specification of functional and security requirements based on use-case-driven software development. It relies on explicit identification of security threats and threat mitigations. We first identify security threats with respect to use-case based functional requirements in terms of security goals and the STRIDE category. Then, we suggest threat mitigations for preventing or reducing security threats. To capture the crosscutting nature of threats and mitigations, we specify them as aspects that encapsulate pointcuts and advice. This provides a structured way for separating functional and security concerns and for analysing the interaction between them.
Is Part Of:: International journal of computer applications technology. Volume 31:Number 1/2(2008)
Journal:: International journal of computer applications technology
Issue:: Volume 31:Number 1/2(2008)
Issue Display:: Volume 31, Issue 1/2 (2008)
Year:: 2008
Volume:: 31
Issue:: 1/2
Issue Sort Value:: 2008-0031-NaN-0000
Page Start:: 131
Page End:: 140
Publication Date:: 2008-03-28
Subjects:: security requirements -- aspect-oriented software development -- use case -- security threats -- threat mitigation
Technology -- Data processing -- Periodicals
620.00285
Journal URLs:: http://www.inderscience.com/jhome.php?jcode=ijcat ↗
http://www.inderscience.com/ ↗
Languages:: English
ISSNs:: 0952-8091
Deposit Type:: Legaldeposit
View Content:: Available online (eLD content is only available in our Reading Rooms) ↗
Physical Locations:: British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
Ingest File:: 8354.xml