Threat Modeling for Security Failure-Tolerant Requirements

被引:1
|
作者
Shin, Michael [1 ]
Dorbala, Swetha [1 ]
Jang, Dongsoo [1 ]
机构
[1] Texas Tech Univ, Dept Comp Sci, Lubbock, TX 79409 USA
来源
2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM) | 2013年
关键词
threat modeling; threat point; security point; use case model; security failure-tolerant requirements;
D O I
10.1109/SocialCom.2013.89
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper describes an approach to modeling security threats to applications and to deriving security failure-tolerant requirements from the threats. This paper assumes that unbreakable core security services for applications, such as authentication, access control, cryptosystem, or digital signature, are broken all the time in a real-world setting. The UML use case model for application requirements is analyzed to model security threats to the system in terms of threat points at which each threat is described using a structured template. This paper also derives security failure-tolerant requirements from the threats at threat points, and the requirements are modeled by means of security failure-tolerant use cases separately from application use cases in the use case model. A security failure-tolerant use case is extended from an application use case at a security point. The Internet banking application is used to illustrate the proposed approach.
引用
收藏
页码:594 / 599
页数:6
相关论文
共 50 条
  • [21] A Novel Strategy for Failure-tolerant Communication in Smart Grids
    Nguyen, Cuong P.
    Flueck, Alexander J.
    2014 IEEE PES GENERAL MEETING - CONFERENCE & EXPOSITION, 2014,
  • [22] Numerical synthesis of a failure-tolerant, nonlinear adaptive autopilot
    Crawford, LS
    Sharma, V
    Menon, PK
    PROCEEDINGS OF THE 2000 IEEE INTERNATIONAL CONFERENCE ON CONTROL APPLICATIONS, 2000, : 461 - 466
  • [23] Sensor Failure-Tolerant Observer Design With Regional Pole Placement
    Luo, Wenjia
    Zhang, Cong
    Jaimoukha, Imad M.
    IEEE CONTROL SYSTEMS LETTERS, 2022, 6 : 2102 - 2107
  • [24] Failure-Tolerant Synchronous and Self-Timed Circuits Comparison
    Zatsarinny A.A.
    Stepchenkov Y.A.
    Diachenko Y.G.
    Rogdestvenski Y.V.
    Russian Microelectronics, 2022, 51 (08) : 630 - 632
  • [25] Identifying the failure-tolerant workspace boundaries of a kinematically redundant manipulator
    Roberts, Rodney G.
    Jamisola, Rodrigo S., Jr.
    Maciejewski, Anthony A.
    PROCEEDINGS OF THE 2007 IEEE INTERNATIONAL CONFERENCE ON ROBOTICS AND AUTOMATION, VOLS 1-10, 2007, : 4517 - +
  • [26] Maximizing the failure-tolerant workspace area for planar redundant robots
    Bader, Ashraf M.
    Maciejewski, Anthony A.
    MECHANISM AND MACHINE THEORY, 2020, 143
  • [27] New Bounds on the Minimum Number of Calls in Failure-Tolerant Gossiping
    Hou, Zhe
    Shigeno, Maiko
    NETWORKS, 2009, 53 (01) : 35 - 38
  • [28] MuSeQoR: Multi-path failure-tolerant security-aware QoS routing in ad hoc wireless networks
    Sriram, S
    Reddy, TB
    Manoj, BS
    Murthy, SR
    HIGH PERFORMANCE COMPUTING - HIPC 2004, 2004, 3296 : 81 - 90
  • [29] MuSeQoR: Multi-path failure-tolerant security-aware QoS routing in ad hoc wireless networks
    Reddy, T. Bheemarjuna
    Sriram, S.
    Manoj, B. S.
    Murthy, C. Siva Ram
    COMPUTER NETWORKS, 2006, 50 (09) : 1349 - 1383
  • [30] A Cost-Efficient Failure-Tolerant Scheme for Distributed DNN Training
    Chen, Menglei
    Hua, Yu
    Bai, Rong
    Huang, Jianming
    2023 IEEE 41ST INTERNATIONAL CONFERENCE ON COMPUTER DESIGN, ICCD, 2023, : 150 - 157