The Community for Technology Leaders
2013 IEEE 37th Annual Computer Software and Applications Conference (2006)
Chicago, Illinois
Sept. 17, 2006 to Sept. 21, 2006
ISSN: 0730-3157
ISBN: 0-7695-2655-1
pp: 79-82
Kendall Nygard , North Dakota State University, USA
Vivek Goel , North Dakota State University, USA
Dianxiang Xu , North Dakota State University, USA
ABSTRACT
This paper presents an aspect-oriented approach to integrated elicitation of functional and security requirements based on use case-driven development. We identify security threats with respect to use cases and adopt threat mitigations for preventing or reducing security threats. To capture crosscutting nature of threats and mitigations, we specify them as aspects that encapsulate pointcuts and advice. A threat (mitigation) pointcut is a collection of join points in use cases at which the use cases are threatened (secured); whereas threat/mitigation advice describes how a threat can become an attack (can be mitigated). Eliciting threats and mitigations as aspects provides a structured way for separating functional and security concerns.
INDEX TERMS
Security requirements, aspect-oriented software development, use case, threats, mitigation.
CITATION
Kendall Nygard, Vivek Goel, Dianxiang Xu, "An Aspect-Oriented Approach to Security Requirements Analysis", 2013 IEEE 37th Annual Computer Software and Applications Conference, vol. 02, no. , pp. 79-82, 2006, doi:10.1109/COMPSAC.2006.109
99 ms
(Ver )