Security requirements for tolerating security failures

Michael Shin, Don Pathirage

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

This paper describes security failure-Tolerant requirements, which tolerate the failures of security services that protect applications from security attacks. A security service, such as authentication, confidentiality or integrity security service, can be always broken down as advanced attack skills are coined. There is no security service that is forever secure. This paper describes an approach to developing the security failure-Tolerant use case that specifies the security requirements for tolerating the breaches of security services. A security failure-Tolerant use case is modeled along with application use case and security use case, and specified with application use case description. Threats to applications are identified and modeled to develop security failure-Tolerant requirements. Online shopping system is used for illustrating security failure-Tolerant requirements.

Original languageEnglish
Title of host publicationProceedings - SEKE 2017
Subtitle of host publication29th International Conference on Software Engineering and Knowledge Engineering
PublisherKnowledge Systems Institute Graduate School
Pages487-490
Number of pages4
ISBN (Electronic)1891706411
DOIs
StatePublished - 2017
Event29th International Conference on Software Engineering and Knowledge Engineering, SEKE 2017 - Pittsburgh, United States
Duration: Jul 5 2017Jul 7 2017

Publication series

NameProceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
ISSN (Print)2325-9000
ISSN (Electronic)2325-9086

Conference

Conference29th International Conference on Software Engineering and Knowledge Engineering, SEKE 2017
CountryUnited States
CityPittsburgh
Period07/5/1707/7/17

Keywords

  • Application use case
  • Security failure-Tolerant use case
  • Security requirements
  • Security use case

Fingerprint Dive into the research topics of 'Security requirements for tolerating security failures'. Together they form a unique fingerprint.

Cite this