Eliciting Security Requirements for an Information System using Asset Flows and Processor Deployment
Haruhiko Kaiya, Junya Sakai, Shinpei Ogata and Kenji Kaijiri.
International Journal of Secure Software Engineering (IJSSE),
Vol. 4, Issue 3, pp. 42-63, Jul.-Sep. 2013. DOI: 10.4018/jsse.2013070103
The authors cannot comprehensively determine all of the vulnerabilities to an attack from requirements descriptions alone. To resolve this problem, the authors propose a method for eliciting security requirements using information about the system architecture. The authors convert a use-case description into a variation of a data flow diagram called an asset-flow diagram (AFD). The authors then refine the AFDs based on a processor deployment diagram (PDD), which gives information about the system architecture. Using vulnerability patterns for an attack, the authors distinguish the vulnerabilities to the attack that are identifiable in AFDs from the remaining vulnerabilities to the attack. To prohibit the former vulnerabilities, security requirements are defined as countermeasures and/or modifications of existing requirements. To prevent the latter vulnerabilities, security requirements are defined as design and implementation constraints. Through an evaluation of a web application, the authors show that their method enables them to elicit security requirements against several different attacks in different system architectures.