Advertisement

Specifying security in a composite system

  • J. -M. Kabasele-Tenday
Security Management
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1396)

Abstract

This paper proposes a formal definition of “ security ” in a composite system. By composite system, we mean a system which is composed of an automated and a human part. This split of systems in two parts characterizes the computer environment where human presence is unavoidable. Our results are a generalization of [6]. The scope of [6] was limited to three access modes, that is read, write, execute. In this paper, we extend this scope by addressing all possible operations. We also provide a syntactic way, based on the proposed security formal definition, of describing threats during the requirement analysis process. To handle the security problem when designing a system, it is important to integrate threats in the requirements document. Up to now, there were only “ methods ” to derive threats [arbitrary or threat trees method], not to express them unambiguously.

Keywords

security security specification composite system threats secure system 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Amoroso,E.: Fundamentals di Computer security technology. Prentice Hall, New Jersey (1994)Google Scholar
  2. 2.
    Bell, D.,LaPadula, L.: Secure Computer System: Unified Exposition and Multics Interpretation. MTR2997, MITRE Corp. (1976)Google Scholar
  3. 3.
    Dardenne, A.; et al: Goal-directed Requirements Acquisition. Science of Comp. Progr., vol. 20 (1993), 3–50.Google Scholar
  4. 4.
    Kabasele-Tenday,J.M.: Threats in Teleteaching. To be presented at 7th WCCEE, Torino, Italy, (1998)Google Scholar
  5. 5.
    Jacobson, I., et al.: Object-Oriented Software Engineering, A Use case driven approach. Addison-Wesley. (1992)Google Scholar
  6. 6.
    McLean, J.: The Algebra of Security. IEEE Symposium on security and privacy, Oakland, CA,(1988)Google Scholar
  7. 7.
    Rumbaugh, J. et al: Object-oriented modeling and design. Prentice-Hall,New Jersey, (1991)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • J. -M. Kabasele-Tenday
    • 1
  1. 1.Unité Informatique - Université catholique de LouvainLouvain-la-NeuveBelgium

Personalised recommendations