- We will send in 10–14 business days.
/images/books/13174487/9783639094404.jpg)
- Author: Charles B Haley
- Publisher: VDM Verlag
- ISBN-10: 3639094409
- ISBN-13: 9783639094404
- Format: 15.2 x 22.9 x 0.7 cm, minkšti viršeliai
- Language: English
- SAVE -10% with code: EXTRA
Reviews
Description
This book presents a framework for security requirements elicitation and analysis. The framework is based on constructing a context for the system, representing security requirements as constraints, and developing satisfaction arguments for the security requirements. The system context is described using a problem-oriented notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument consists of two parts: a formal argument that the system can meet its security requirements, and a structured informal argument challenging the assumptions in the formal argument. The construction of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context, or that the context does not contain sufficient information to develop the argument. In this case, designers and architects are asked to provide additional design information to resolve the problems. The framework is evaluated by applying it to an analysis of security requirements within an air traffic control technology evaluation project.
EXTRA 10 % discount with code: EXTRA
The promotion ends in 21d.03:55:54
The discount code is valid when purchasing from 10 €. Discounts do not stack.
- Author: Charles B Haley
- Publisher: VDM Verlag
- ISBN-10: 3639094409
- ISBN-13: 9783639094404
- Format: 15.2 x 22.9 x 0.7 cm, minkšti viršeliai
- Language: English English
This book presents a framework for security requirements elicitation and analysis. The framework is based on constructing a context for the system, representing security requirements as constraints, and developing satisfaction arguments for the security requirements. The system context is described using a problem-oriented notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument consists of two parts: a formal argument that the system can meet its security requirements, and a structured informal argument challenging the assumptions in the formal argument. The construction of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context, or that the context does not contain sufficient information to develop the argument. In this case, designers and architects are asked to provide additional design information to resolve the problems. The framework is evaluated by applying it to an analysis of security requirements within an air traffic control technology evaluation project.
Reviews