Title :
An Aspect-Oriented Approach to Security Requirements Analysis
Author :
Xu, Dianxiang ; Goel, Vivek ; Nygard, Kendall
Author_Institution :
Dept. of Comput. Sci., North Dakota State Univ., Fargo, ND
Abstract :
This paper presents an aspect-oriented approach to integrated elicitation of functional and security requirements based on use case-driven development. We identify security threats with respect to use cases and adopt threat mitigations for preventing or reducing security threats. To capture crosscutting nature of threats and mitigations, we specify them as aspects that encapsulate pointcuts and advice. A threat (mitigation) pointcut is a collection of join points in use cases at which the use cases are threatened (secured); whereas threat/mitigation advice describes how a threat can become an attack (can be mitigated). Eliciting threats and mitigations as aspects provides a structured way for separating functional and security concerns
Keywords :
formal specification; object-oriented programming; security of data; aspect-oriented approach; aspect-oriented software development; functional requirements; security requirement analysis; security requirements; security threats; threat mitigations; threat pointcut; use case-driven development; Application software; Computer applications; Computer science; Computer security; Neodymium; Programming; Security requirements; aspect-oriented; mitigation.; software development; threats; use case;
Conference_Titel :
Computer Software and Applications Conference, 2006. COMPSAC '06. 30th Annual International
Conference_Location :
Chicago, IL
Print_ISBN :
0-7695-2655-1
DOI :
10.1109/COMPSAC.2006.109
