Title :
The Security Requirements Behavior Model for Trustworthy Software
Author :
Saleh, Kassem ; Habil, Maryam
Author_Institution :
Kuwait Univ., Kuwait City
Abstract :
The demand for web services and applications in cyberspace is hindered by security concerns that are raised by corporate service providers and service users. There are concerns about the trustworthiness of the web services from both sides of the spectrum. Testing web services security is a critical step towards enhancing their trustworthiness. To address these issues, we propose a comprehensive framework for specifying security requirements for web services and web applications. Based on these comprehensive security requirements specifications, formal security test case generation can then be derived and performed. In this paper, we introduce the Security Requirements Behavior Model (SRBM) to help obtaining secure and hence trustworthy web services and applications. Using Firesmith´ security requirements categories, the SRBM is based on Sindre´s misuse cases, Firesmith´s security use cases, and the operational model of computer security.
Keywords :
Web services; security of data; Web services; computer security; formal security; security requirements behavior model; trustworthy software; Application software; Computer science; Computer security; Information science; Information security; Performance evaluation; Protection; Software safety; Testing; Web services; requirements; security; software; trustworthy;
Conference_Titel :
e-Technologies, 2008 International MCETECH Conference on
Conference_Location :
Montreal, Que.
Print_ISBN :
978-0-7695-3082-6
DOI :
10.1109/MCETECH.2008.19
