Arguing Security: A Framework for Analyzing Security Requirements
作者: Charles B. Haley
DOI:
关键词:
摘要: This book presents a framework for security requirements elicitation and analysis. The is based on constructing context the system, representing as constraints, developing satisfaction arguments requirements. system described using problem-oriented notation, then validated against through construction of argument. argument consists two parts: formal that can meet its requirements, structured informal challenging assumptions in may fail, revealing either requirement cannot be satisfied context, or does not contain sufficient information to develop In this case, designers architects are asked provide additional design resolve problems. evaluated by applying it an analysis within air traffic control technology evaluation project.
bl.uk
amazon.com
the-haleys.org 参考文章(110)
Srdjan Capkun, Jean-Pierre Hubaux, Securing position and distance verification in wireless networks ,(2004)
Bashar Nuseibeh, Weaving the Software Development Process Between Requirements and Architectures ,(2001)
Tyrone Grandison, Morris Sloman, Trust Management Tools for Internet Applications Lecture Notes in Computer Science. pp. 91- 107 ,(2003) , 10.1007/3-540-44875-6_7
Michael Jackson, The structure of software development thought Springer, London. pp. 228- 253 ,(2006) , 10.1007/1-84628-111-3_12
Jonathan D Moffett, Charles B Haley, Bashar Nuseibeh, Core Security Requirements Artefacts ,(2004)
B. W. Boehm, Verifying and validating software requirements and design specifications Software Risk Management. pp. 205- 218 ,(1989)
Janet E. Burge, David C. Brown, AN INTEGRATED APPROACH FOR SOFTWARE DESIGN CHECKING USING DESIGN RATIONALE Springer, Dordrecht. pp. 557- 575 ,(2004) , 10.1007/978-1-4020-2393-4_29
Ian F. Alexander, Modelling the Interplay of Conflicting Goals with Use and Misuse Cases. GBPM. ,(2002)
Anthony Hunter, Making argumentation more believable national conference on artificial intelligence. pp. 269- 274 ,(2004)
Isabel Brito, Ana Moreira, Integrating the NFR framework in a RE model ,(2004)