Writing Security Specification with Things That Flow

  • Sabah Al-Fedaghi
  • Omar Alsumait
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 733)


In the field of security, writing a Request For Proposals (RFP) includes a description of specifications that requires careful definition of problems and an overview of how the system works. An important aspect in this context is how to generate technical specifications within the RFP. This “specification writing” is a complex subject that causes even design professionals such as architects and engineers to struggle. Typically an RFP is described in English, with graphs and tables, resulting in imprecise specifications of requirements. It has been proposed that conceptual representation such as UML diagrams and BPMN notations be included in any RFP. This paper examines RFP development of Public Key Infrastructure (PKI) and proposes a conceptual depiction as a supplement to the RFP to clarify requirements more precisely than traditional tools such as natural language, tables, and ad hoc graphs. A case study of an actual government ministry is presented with a model, i.e., diagrams that express how the features and services of PKI would logically operate in the requisite system.


RFP Public key infrastructure Conceptual modeling Diagrammatic representation 


  1. 1.
    Aagesen, G., Krogstie, J.: Analysis and design of business processes using BPMN. In: vom Brocke, J., Rosemann, M. (eds.) Handbook on Business Process Management 1, International Handbooks on Information Systems. Springer, Berlin (2010).
  2. 2.
    Al-Fedaghi, S.: Business process modeling: blueprinting. Int. J. Comput. Sci. Inf. Secur. 15(3), 286–291 (2017)Google Scholar
  3. 3.
    Al-Fedaghi, S.: Flow-based process modeling: application in BPMN and process-oriented software systems. In: Cybernetics Approaches in Intelligent Systems, pp. 86–98. Springer (2018).
  4. 4.
    Al-Fedaghi, S.: Conceptual modeling in simulation: a representation that assimilates events. Int. J. Adv. Comput. Sci. Appl. 7(10), 281–289 (2016)Google Scholar
  5. 5.
    Al-Fedaghi, S.: Design functional decomposition based on flow. In: IEEE International Conference on Systems, Man, and Cybernetics (IEEE SMC 2016), Budapest, 9–12 October 2016Google Scholar
  6. 6.
    Al-Fedaghi, S.: Diagrammatic modeling language for conceptual design of technical systems: a way to achieve creativity. Int. Rev. Autom. Control 9(4) (2016)Google Scholar
  7. 7.
    Al-Fedaghi, S., Alahmad, H.: Integrated modeling methodologies and languages. In: ACM 12th International Conference on Ubiquitous Information Management and Communication, Langkawi, 5–7 January 2018Google Scholar
  8. 8.
    Al-Fedaghi, S., Alahmad, H.: Orientation in conceptual modeling frameworks. In: The 3rd IEEE International Conference on Big Data Intelligence and Computing, Orlando, 6–10 November 2017Google Scholar
  9. 9.
    F.H. Black & Company: How to Prepare Better RFP Requirements Lists for IT Success, CaseWare (2017).
  10. 10.
    Douraid, A., Elhaq, S.L., Ech-Cheikh, H.: A conceptual and UML models of procurement process for simulation framework. Int. J. Comput. Sci. Issues (IJCSI) 9(6, no. 1) (2012)Google Scholar
  11. 11.
    Electoral Officer of Canada: Request for Proposal, Voting Services Modernization/Polling Place Process Enhancement, File No. ECRS-RFP-16-0167, 22 June 2017.
  12. 12.
    Hadrian, D., Evequoz, F.: CARES: Requirements Specification with BPMN 2.0 in WTO Procurement. Institut d’Informatique de Gestion, HES-SO Valais-Wallis (2014).
  13. 13.
    Posey, B.: A Beginner’s Guide to Public Key Infrastructure: PKI Can Help Keep Your Network Secure, But It Can Be a Hard Concept to Understand, 15 September 2005.
  14. 14.
    Silva Consultants: Writing an Effective RFP for Security Systems (2017).
  15. 15.
    Talhi, C., Mouheb, D., Lima, V., Debbabi, M., Wang, L., Pourzandi, M.: Usability of security specification approaches for UML design: a survey. J. Object Technol. 8(6), 103–122 (2009). Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Computer Engineering DepartmentKuwait UniversitySafatKuwait
  2. 2.Information Technology DepartmentMinistry of DefenseSafatKuwait

Personalised recommendations