共同研究先:Open University Milton KeynesAcademic 共同研究数 4
Book Chapter 2010
Security patterns: Comparing modeling approaches
セキュリティパターン モデリングアプローチの比較
Armstrong Nhlabatsi, Arosha Bandara, Shinpei Hayashi, Charles B. Haley, Jan Jurjens, Haruhiko Kaiya, Atsuto Kubo, Robin Laney, Haralambos Mouratidis, Bashar Nuseibeh, Thein T. Tun, Hironori Washizaki, Nobukazu Yoshioka, Yijun Yu Software Engineering for Secure Systems: Industrial and Research Perspectives
Conference Paper 2008 ACM:Association for Computing Machinery
Enforcing a security pattern in stakeholder goal models
ステークホルダーゴールモデルにおけるセキュリティパターンの適用
Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, Nobukazu Yoshioka Proceedings of the ACM Conference on Computer and Communications Security
【抄録】Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements. Copyright 2008 ACM.