Security Engineering Using Problem Frames

We present a method for security engineering, which is based on two special kinds of problem frames that serve to structure, characterize, analyze, and finally solve software development problems in the area of software and system security. Both kinds of problem frames constitute patterns for repres...

Full description

Saved in:
Bibliographic Details
Published inEmerging Trends in Information and Communication Security pp. 238 - 253
Main Authors Hatebur, Denis, Heisel, Maritta, Schmidt, Holger
Format Book Chapter
LanguageEnglish
Published Berlin, Heidelberg Springer Berlin Heidelberg 2006
SeriesLecture Notes in Computer Science
Subjects
Problem Frame
Security Engineering
Security Problem
Security Requirement
Sequence Diagram
Online AccessGet full text
ISBN9783540346401
3540346406
ISSN0302-9743
1611-3349
DOI10.1007/11766155_17

Cover

More Information
Summary:We present a method for security engineering, which is based on two special kinds of problem frames that serve to structure, characterize, analyze, and finally solve software development problems in the area of software and system security. Both kinds of problem frames constitute patterns for representing security problems, variants of which occur frequently in practice. We present security problem frames, which are instantiated in the initial step of our method. They explicitly distinguish security problems from their solutions. To prepare the solution of the security problems in the next step, we employ concretized security problem frames capturing known approaches to achieve security. Finally, the last step of our method results in a specification of the system to be implemented given by concrete security mechanisms and instantiated generic sequence diagrams. We illustrate our approach by the example of a secure remote display system.
ISBN:9783540346401
3540346406
ISSN:0302-9743
1611-3349
DOI:10.1007/11766155_17