An aspect-oriented approach to relating security requirements and access control

Alebrahim, Azadeh; Tun, Thein Than; Yu, Yijun; Heisel, Maritta and Nuseibeh, Bashar (2012). An aspect-oriented approach to relating security requirements and access control. In: CAiSE'12 Forum, 28 Jun 2012, Gdansk, Poland.

URL: http://www.uni-due.de/imperia/md/content/swe/paper...

Abstract

Affecting multiple parts in software systems, security requirements often tangle with functional requirements. In order to separate crosscutting concerns and increase modularity, we propose to represent security requirements as aspects that can be woven into functional requirements. Using problem frames to model the functional requirements, weaving is achieved by composing the modules representing security aspects with the requirement models. Moreover, we provide guidance on how such security aspects are structured to implement a particular access control solution. As a result, such security aspects become reusable solution patterns to refine the structure of security-related problem.

Viewing alternatives

Download history

Item Actions

Export

About

Recommendations