Threat Modeling for Security Failure-Tolerant Requirements

被引:1
|
作者
Shin, Michael [1 ]
Dorbala, Swetha [1 ]
Jang, Dongsoo [1 ]
机构
[1] Texas Tech Univ, Dept Comp Sci, Lubbock, TX 79409 USA
来源
2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM) | 2013年
关键词
threat modeling; threat point; security point; use case model; security failure-tolerant requirements;
D O I
10.1109/SocialCom.2013.89
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper describes an approach to modeling security threats to applications and to deriving security failure-tolerant requirements from the threats. This paper assumes that unbreakable core security services for applications, such as authentication, access control, cryptosystem, or digital signature, are broken all the time in a real-world setting. The UML use case model for application requirements is analyzed to model security threats to the system in terms of threat points at which each threat is described using a structured template. This paper also derives security failure-tolerant requirements from the threats at threat points, and the requirements are modeled by means of security failure-tolerant use cases separately from application use cases in the use case model. A security failure-tolerant use case is extended from an application use case at a security point. The Internet banking application is used to illustrate the proposed approach.
引用
收藏
页码:594 / 599
页数:6
相关论文
共 50 条
  • [31] Real-time failure-tolerant control of kinematically redundant manipulators
    Purdue University, West Lafayette, IN 47907-1285, United States
    IEEE Trans Rob Autom, 6 (1109-1116):
  • [32] REDUNDANCY BY CODING VERSUS REDUNDANCY BY REPLICATION FOR FAILURE-TOLERANT SEQUENTIAL CIRCUITS
    LARSEN, RW
    REED, IS
    IEEE TRANSACTIONS ON COMPUTERS, 1972, C 21 (02) : 130 - &
  • [33] PhoeniQ: Failure-Tolerant Query Processing in Multi-node Environments
    Bessho, Yutaro
    Hayamizu, Yuto
    Goda, Kazuo
    Kitsuregawa, Masaru
    DATABASE AND EXPERT SYSTEMS APPLICATIONS, DEXA 2020, PT I, 2020, 12391 : 71 - 85
  • [34] A Failure-Tolerant Approach for Autonomous Mobile Manipulation in RoboCup@Work
    Carstensen, Jan
    Carstensen, Torben
    Aden, Simon
    Dick, Andrej
    Huebner, Jens
    Krause, Sven
    Michailik, Alexander
    Wigger, Johann
    Friederichs, Jan
    Kotlarski, Jens
    ROBOCUP 2015: ROBOT WORLD CUP XIX, 2015, 9513 : 95 - 105
  • [35] Real-time failure-tolerant control of kinematically redundant manipulators
    Groom, KN
    Maciejewski, AA
    Balakrishnan, V
    1997 IEEE INTERNATIONAL CONFERENCE ON ROBOTICS AND AUTOMATION - PROCEEDINGS, VOLS 1-4, 1997, : 2595 - 2600
  • [36] Failure-Tolerant Overlay Trees for Large-Scale Dynamic Networks
    Frey, Davide
    Murphy, Amy L.
    P2P'08: EIGHTH INTERNATIONAL CONFERENCE ON PEER-TO-PEER COMPUTING, PROCEEDINGS, 2008, : 351 - +
  • [37] The kinematic design of redundant robots for maximizing failure-tolerant workspace size
    Bader, Ashraf M.
    Maciejewski, Anthony A.
    MECHANISM AND MACHINE THEORY, 2022, 173
  • [38] Real-time failure-tolerant control of kinematically redundant manipulators
    Groom, KN
    Maciejewski, AA
    Balakrishnan, V
    IEEE TRANSACTIONS ON ROBOTICS AND AUTOMATION, 1999, 15 (06): : 1109 - 1116
  • [39] A practical, redundant, failure-tolerant, self-reconfiguring embedded system architecture
    Klarer, PR
    INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATIONS AND CONTROL TECHNOLOGIES, VOL 3, PROCEEDINGS, 2004, : 180 - 184
  • [40] Organization of fault-and failure-tolerant computations in completely connected multicomputer systems
    Lobanov, AV
    AUTOMATION AND REMOTE CONTROL, 2000, 61 (12) : 2059 - 2067