Owing to the widespread use of the internet, software services are being provided to millions of consumers and the importance of software security has increased considerably. Specifically, difficulties in developing a...
详细信息
ISBN:
(纸本)9781728151656
Owing to the widespread use of the internet, software services are being provided to millions of consumers and the importance of software security has increased considerably. Specifically, difficulties in developing a security design based on the results of a security requirements analysis are a focal point for investigation. One promising approach for addressing these difficulties is to create a knowledge base for securesoftwaredevelopment and a process for utilizing it. The information obtained regarding the security design of the knowledge base, which is associated with the knowledge used in the security requirements analysis, can be considered during the design phase. This paper describes the development of a system that seamlessly supports the design phase based on the results of a security requirements analysis and the knowledge base. We then present an example to demonstrate the usefulness of the proposed system. This knowledge base maintains an association between knowledge types and is traceable. Therefore, if the knowledge used to create a type of artifact evolves, it is possible to detect artifacts used knowledge associated with it.
With the growing number of services on the Internet, the need for securesoftwaredevelopment has increased. It is required for securesoftwaredevelopment to consider security in the whole development life cycle. It ...
详细信息
ISBN:
(纸本)9781538626672
With the growing number of services on the Internet, the need for securesoftwaredevelopment has increased. It is required for securesoftwaredevelopment to consider security in the whole development life cycle. It is indispensable for securesoftwaredevelopment to use various types of security knowledge. This study deals with security requirement analysis. Existing security requirements modeling systems do not provide a function to create an artifact while referring to security knowledge in an integrated manner. In this paper, the authors develop a modeling support system for a misuse case diagram that enables the association of knowledge with elements that constitute the diagram. The results of an experiment using the system show the system's usefulness in both the integration of the knowledge base with the artifact creation environment and the association of the knowledge with the elements of the diagram.
In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that ...
详细信息
In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that deal with full life cycle for securesoftwaredevelopment, only few are reported. This paper describes a case-based management system (CBMS) that consists of an artifact management system and a knowledge-based management system (KBMS) to manage cases for securesoftwaredevelopment. The former manages the artifacts created in securesoftware life cycle. The latter manages software security knowledge. The case-based management system also manages association between artifacts and software security knowledge and supports both visualization among software security knowledge and between artifacts and software security knowledge. We conducted an experiment to evaluate the system. We describe the effectiveness and future work of the system. (C) 2015 The Authors. Published by Elsevier B.V
In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that ...
详细信息
In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that deal with full life cycle for securesoftwaredevelopment, only few are reported. This paper describes a case-based management system (CBMS) that consists of an artifact management system and a knowledge-based management system (KBMS) to manage cases for securesoftwaredevelopment. The former manages the artifacts created in securesoftware life cycle. The latter manages software security knowledge. The case-based management system also manages association between artifacts and software security knowledge and supports both visualization among software security knowledge and between artifacts and software security knowledge. We conducted an experiment to evaluate the system. We describe the effectiveness and future work of the system.
暂无评论