Pattern-Based Confidentiality-Preserving Refinement

Authors:
Holger Schmidt
Affiliations:
Faculty of Engineering, Department of Computer Science and Applied Cognitive Science, Workgroup Software Engineering, University Duisburg-Essen, Germany
Venue:
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Year:
2009

Citing 13
Cited 0

Communicating sequential processes

Communicating sequential processes
Problem frames: analyzing and structuring software development problems

Problem frames: analyzing and structuring software development problems
Elaborating Security Requirements by Construction of Intentional Anti-Models

Proceedings of the 26th International Conference on Software Engineering
The Effect of Trust Assumptions on the Elaboration of Security Requirements

RE '04 Proceedings of the Requirements Engineering Conference, 12th IEEE International
From requirements to specifications: a formal approach

Proceedings of the 2006 international workshop on Advances and applications of problem frames
A Pattern System for Security Requirements Engineering

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
A Security Engineering Process based on Patterns

DEXA '07 Proceedings of the 18th International Conference on Database and Expert Systems Applications
Security Requirements Engineering: A Framework for Representation and Analysis

IEEE Transactions on Software Engineering
Preservation of probabilistic information flow under refinement

Information and Computation
Analysis and Component-based Realization of Security Requirements

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
A Formal Metamodel for Problem Frames

MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
Security engineering using problem frames

ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
A refinement calculus for communicating processes with state

IW-FM'97 Proceedings of the 1st Irish conference on Formal Methods

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present an approach to security requirements engineering, which makes use of special kinds of problem frames that serve to structure, characterize, analyze, and solve software development problems in the area of software and system security. In this paper, we focus on confidentiality problems. We enhance previously published work by formal behavioral frame descriptions, which enable software engineers to unambiguously specify security requirements. Consequently, software engineers can prove that the envisaged solutions provide functional correctness and that the solutions fulfill the specified security requirements.