Threat Modeling for Security Failure-Tolerant Requirements

Cited by: 1
Authors
Shin, Michael [1]
Dorbala, Swetha [1]
Jang, Dongsoo [1]
Affiliation
[1] Texas Tech Univ, Dept Comp Sci, Lubbock, TX 79409 USA
Source
2013 ASE/IEEE INTERNATIONAL CONFERENCE ON SOCIAL COMPUTING (SOCIALCOM) | 2013
Keywords
threat modeling; threat point; security point; use case model; security failure-tolerant requirements
DOI
10.1109/SocialCom.2013.89
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
This paper describes an approach to modeling security threats to applications and to deriving security failure-tolerant requirements from the threats. This paper assumes that unbreakable core security services for applications, such as authentication, access control, cryptosystem, or digital signature, are broken all the time in a real-world setting. The UML use case model for application requirements is analyzed to model security threats to the system in terms of threat points at which each threat is described using a structured template. This paper also derives security failure-tolerant requirements from the threats at threat points, and the requirements are modeled by means of security failure-tolerant use cases separately from application use cases in the use case model. A security failure-tolerant use case is extended from an application use case at a security point. The Internet banking application is used to illustrate the proposed approach.
Pages: 594-599
Number of pages: 6