Toward model-based security engineering: developing a security analysis DSML
نویسندگان
چکیده
As a long-term industrial initiative, we are developing a new method to support security risk analysis, closely integrated with the overall engineering process of our critical information systems. This method is building upon model-based engineering techniques. This paper presents a prototype domainspecific modelling language (DSML) that was developed in this context; this DSML aims at supporting the analysis and assessment of security risks for a system, and the specification of requirements for security measures to address those risks. The rationale, approach and main features of this DSML are presented. Our objective is to provide adequate and efficient tooling to security engineers for an effective integration of security engineering in the process of critical system design, so as to enable a better targeting of security specifications.
منابع مشابه
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملDeveloping a grounded-based model of tranquility in contemporary apartments in Urmia City
Introduction: Stressful life and lack of tranquility in modern society, have been serious problems for human life. Environmental psychology has shown that physical and architectural environments play an important role in this, and since the home is one of the most important environments, they try to offer solutions. This study tries to identify the factors that play an effective role in creatin...
متن کاملFormal approach on modeling and predicting of software system security: Stochastic petri net
To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...
متن کاملComputationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...
متن کامل