Modeling and Utilizing Security Knowledge for Eliciting Security Requirements
In order to develop secure information systems with less development cost, it is important to elicit the requirements to security functions (simply security requirements) as early in their development process as possible. To achieve it, accumulated knowledge of threats and their objectives obtained from practical experiences is useful, and the technique to support the elicitation of security requirements utilizing this knowledge should be developed. In this paper, we present the technique for security requirements elicitation using practical knowledge of threats, their objectives and security functions realizing the objectives, which is extracted from Security Target documents compliant to the standard Common Criteria. We show the usefulness of our approach with several case studies.
KeywordsSecurity requirements elicitation Threat pattern Common criteria
This work was partly supported by JSPS Grants-in-Aid for Scientific Research (#15K00088).
- 1.Common Criteria : New CC Portal. http://www.commoncriteriaportal.org/
- 2.Abe, T., Hayashi, S., Saeki, M.: Modeling security threat patterns to derive negative scenarios. In: Proceedings APSEC, pp. 58–66 (2013)Google Scholar
- 3.Elahi, G., Yu, E., Zannone, N.: A modeling ontology for integrating vulnerabilities into security requirements conceptual foundations. In: Proceeding of the ER, pp. 99–114 (2009)Google Scholar
- 4.Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Threat modeling: Uncover security design flaws using the STRIDE approach (2006). http://msdn.microsoft.com/en-us/magazine/cc163519.aspx
- 5.Kaiya, H., Sakai, J., Ogata, S., Kaijiri, K.: Eliciting security requirements for an information system using asset flows and processor deployment. IJSSE 4(3), 42–63 (2013)Google Scholar
- 7.Saeki, M., Hayashi, S., Kaiya, H.: Enhancing goal-oriented security requirements analysis using common criteria-based knowledge. IJSEKE 23(5), 695–720 (2013)Google Scholar