The Open UniversitySkip to content
 

Arguing security: A framework for analyzing security requirements

Haley, Charles B. (2008). Arguing security: A framework for analyzing security requirements. Saarbrücken: VDM Verlag Dr Müller.

URL: http://portal.acm.org/citation.cfm?id=1521577
Google Scholar: Look up in Google Scholar

Abstract

When considering the security of a system, the analyst must simultaneously work with two types of properties: those that can be shown to be true, and those that must be argued as being true. The first consists of properties that can be demonstrated conclusively, such as the type of encryption in use or the existence of an authentication scheme. The second consists of things that cannot be so demonstrated but must be considered true for a system to be secure, such as the trustworthiness of a public key infrastructure or the willingness of people to keep their passwords secure. The choices represented by the second case are called trust assumptions, and the analyst should supply arguments explaining why the trust assumptions are valid.

This book presents three novel contributions: a framework for security requirements elicitation and analysis, based upon the construction of a context for the system; an explicit place and role for trust assumptions in security requirements; and structured satisfaction arguments to validate that a system can satisfy the security requirements. The system context is described using a problem-centered notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and structured informal arguments supporting the assumptions exposed during argument construction. If one cannot construct a convincing argument, designers are asked to provide design information to resolve the problems and another pass is made through the framework to verify that the proposed solution satisfies the requirements. Alternatively, stakeholders are asked to modify the goals for the system so that the problems can be resolved or avoided. The contributions are evaluated by using the framework to do a security requirements analysis within an air traffic control technology evaluation project.

Item Type: Authored Book
Copyright Holders: 2008 VDM Verlag
ISBN: 3-639-09440-9, 978-3-639-09440-4
Academic Unit/Department: Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre: Centre for Research in Computing (CRC)
Item ID: 18876
Depositing User: Charles Haley
Date Deposited: 13 Nov 2009 09:58
Last Modified: 02 Dec 2010 20:40
URI: http://oro.open.ac.uk/id/eprint/18876
Share this page:

Actions (login may be required)

View Item
Report issue / request change

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk