Modeling and Utilizing Security Knowledge for Eliciting Security Requirements

  • Tatsuya Abe
  • Shinpei Hayashi
  • Motoshi Saeki
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9382)


In order to develop secure information systems with less development cost, it is important to elicit the requirements to security functions (simply security requirements) as early in their development process as possible. To achieve it, accumulated knowledge of threats and their objectives obtained from practical experiences is useful, and the technique to support the elicitation of security requirements utilizing this knowledge should be developed. In this paper, we present the technique for security requirements elicitation using practical knowledge of threats, their objectives and security functions realizing the objectives, which is extracted from Security Target documents compliant to the standard Common Criteria. We show the usefulness of our approach with several case studies.


Security requirements elicitation Threat pattern Common criteria 



This work was partly supported by JSPS Grants-in-Aid for Scientific Research (#15K00088).


  1. 1.
    Common Criteria : New CC Portal.
  2. 2.
    Abe, T., Hayashi, S., Saeki, M.: Modeling security threat patterns to derive negative scenarios. In: Proceedings APSEC, pp. 58–66 (2013)Google Scholar
  3. 3.
    Elahi, G., Yu, E., Zannone, N.: A modeling ontology for integrating vulnerabilities into security requirements conceptual foundations. In: Proceeding of the ER, pp. 99–114 (2009)Google Scholar
  4. 4.
    Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Threat modeling: Uncover security design flaws using the STRIDE approach (2006).
  5. 5.
    Kaiya, H., Sakai, J., Ogata, S., Kaijiri, K.: Eliciting security requirements for an information system using asset flows and processor deployment. IJSSE 4(3), 42–63 (2013)Google Scholar
  6. 6.
    Saeki, M., Kaiya, H.: Security requirements elicitation using method weaving and common criteria. In: Chaudron, M.R.V. (ed.) MODELS 2008. LNCS, vol. 5421, pp. 185–196. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  7. 7.
    Saeki, M., Hayashi, S., Kaiya, H.: Enhancing goal-oriented security requirements analysis using common criteria-based knowledge. IJSEKE 23(5), 695–720 (2013)Google Scholar
  8. 8.
    Taentzer, G.: AGG: A graph transformation environment for modeling and validation of software. In: Pfaltz, J.L., Nagl, M., Böhlen, B. (eds.) AGTIVE 2003. LNCS, vol. 3062, pp. 446–453. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  9. 9.
    Yoshioka, N., Washizaki, H., Maruyama, K.: A survey on security patterns. Prog. Inform. 5, 35–47 (2008)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Department of Computer ScienceTokyo Institute of TechnologyMeguro-kuJapan

Personalised recommendations