Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements

March 04-March 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ARES.2008.77

2008 Third International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Riham Hassan Articles by Shawn Bohner Articles by Sherif El-Kassas Articles by Mohamed Eltoweissy

	ASCII Text	x
	Riham Hassan, Shawn Bohner, Sherif El-Kassas, Mohamed Eltoweissy, "Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements," Availability, Reliability and Security, International Conference on, pp. 1443-1450, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.77, author = {Riham Hassan and Shawn Bohner and Sherif El-Kassas and Mohamed Eltoweissy}, title = {Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {1443-1450}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.77}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements SN - 978-0-7695-3102-1 SP1443 EP1450 A1 - Riham Hassan, A1 - Shawn Bohner, A1 - Sherif El-Kassas, A1 - Mohamed Eltoweissy, PY - 2008 KW - Goal-oriented security requirements engineering KW - formal methods KW - design specifications KW - threat models KW - attack analysis VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

This paper proposes a requirements-driven security engineering approach for analyzing application-specific security requirements that are formally derived into security design preserving security requirements properties. The approach adopts the KAOS framework to formally construct a complete and consistent security requirements model that is extended using the B method to produce security design and further implementation while preserving requirements properties. This unique treatment of secure software engineering is systematic, constructive and considers security early in development.

Index Terms:

Goal-oriented security requirements engineering, formal methods, design specifications, threat models, attack analysis

Citation:

Riham Hassan, Shawn Bohner, Sherif El-Kassas, Mohamed Eltoweissy, "Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements," ares, pp.1443-1450, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.