Title :
A methodology for defining application-specific security requirements for C3 systems
Author :
Creps, Richard E.
Author_Institution :
Unisys Defense Syst., McLean, VA, USA
Abstract :
It is noted that novel approaches are needed to ensure that the potential security risks inherent in the technologically advanced C3 (command, control, and communications) systems of the future are overcome. Crucial to these approaches is the ability to define system security requirements and security policies early in the development process and to refine them as needed throughout the process. A security requirements definition methodology (SRDM) has been developed for addressing these needs by helping nonsecurity technologists analyze and specify the security requirements of their C3 applications in application-specific terms. SRDM features a security requirements specification language (SRSL); a library of reusable SRSL specification building blocks derived from a comprehensive taxonomy of C3 security requirements; and a requirements definition process to promote optimal use of the language and library
Keywords :
command and control systems; computer networks; military computing; military systems; security of data; C3 systems; application-specific security requirements; command control and communication systems; comprehensive taxonomy; computer networks; military systems; potential security risks; requirements definition process; reusable building blocks library; security policies; security requirements definition methodology; security requirements specification language; Communication system security; Computer networks; Distributed computing; Information security; Libraries; Military communication; Military computing; Modems; Specification languages; Taxonomy;
Conference_Titel :
Military Communications Conference, 1989. MILCOM '89. Conference Record. Bridging the Gap. Interoperability, Survivability, Security., 1989 IEEE
Conference_Location :
Boston, MA
DOI :
10.1109/MILCOM.1989.104050
