Skip to main content
SpringerLink
Log in

Secure Requirements Elicitation Through Triggered Message Sequence Charts

  • Conference paper
Book cover Distributed Computing and Internet Technology (ICDCIT 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3347))

Abstract

This paper argues for performing information-flow-based securityanalysis in the first phase of the software development life cycle itself ie in the requirements elicitation phase. Message Sequence Charts (MSC)s have been widely accepted as a formal scenario-based visual notation for writing down requirements. In this paper, we discuss a method for checking if a TMSC (Triggered Message Sequence Chart), a recently propsed enhancement to classical MSCs, satisifes one of the most important information flow properties namely non-interference.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Message sequence charts (MSC). ITU-TS Recommendation Z.120 (1996)

    Google Scholar 

  2. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Comm. of the ACM 20(7), 504–513 (1977)

    Article  MATH  Google Scholar 

  3. Wagner, D.: Static analysis and computer security:new techinques for software assurance. PhD thesis, University of California, Berkeley (2000)

    Google Scholar 

  4. Fenton, J.S.: Information protection systems. Ph.D thesis, University of Cambridge, England (1973)

    Google Scholar 

  5. Ryan, P.: Mathematical models of computer security–tutorial lectures. Foundations of Security Analysis and Design 2171, 1–62 (2001)

    Article  Google Scholar 

  6. Reniers, M.A.: Message sequence chart: Syntax and semantics. PhD Thesis, Eindhoven University of Technology (1998)

    Google Scholar 

  7. Focardi, R., Gorrieri, R., Martinelli, F.: Information flow analysis in a discrete-time process algebra. In: IEEE Computer Security Foundations Workshop, pp. 170–184 (2000)

    Google Scholar 

  8. Ryan, P.: A csp formulation of non-interference and unwinding. Presented at CSFW 1990 and published in Cipher, Winter (1990-1991)

    Google Scholar 

  9. Sengupta, B., Cleaveland, R.: Refinement-based requirements modeling using triggered message sequence charts. In: IEEE International Requirements Engineering Conference (2003)

    Google Scholar 

  10. Sengupta, B.: Triggered message sequence charts. Ph.D Thesis, State University of New York, Stony Brook (2003)

    Google Scholar 

  11. Sengupta, B., Cleaveland, R.: Triggered message sequence charts. In: Proceedings of ACM SIGSOFT Foundations of Software Engineering, pp. 167–176 (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science SUNY at Stony Brook, Stony Brook, NY, 11794-4400, USA

    Arnab Ray & Rance Cleaveland

  2. IBM India Research Labaratory, Block-1, Indian Institute of Technology, Hauz Khas, New Delhi, 110016, India

    Bikram Sengupta

Authors
  1. Arnab Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bikram Sengupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rance Cleaveland
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur, India

    R. K. Ghosh

  2. Department of Computer and Information Science, University of Hyderabad, Central University PO, 500 046, AP, India

    Hrushikesha Mohanty

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ray, A., Sengupta, B., Cleaveland, R. (2004). Secure Requirements Elicitation Through Triggered Message Sequence Charts. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_32

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30555-2_32

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-24075-4

  • Online ISBN: 978-3-540-30555-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation