Abstract
This paper argues for performing information-flow-based securityanalysis in the first phase of the software development life cycle itself ie in the requirements elicitation phase. Message Sequence Charts (MSC)s have been widely accepted as a formal scenario-based visual notation for writing down requirements. In this paper, we discuss a method for checking if a TMSC (Triggered Message Sequence Chart), a recently propsed enhancement to classical MSCs, satisifes one of the most important information flow properties namely non-interference.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Message sequence charts (MSC). ITU-TS Recommendation Z.120 (1996)
Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Comm. of the ACM 20(7), 504–513 (1977)
Wagner, D.: Static analysis and computer security:new techinques for software assurance. PhD thesis, University of California, Berkeley (2000)
Fenton, J.S.: Information protection systems. Ph.D thesis, University of Cambridge, England (1973)
Ryan, P.: Mathematical models of computer security–tutorial lectures. Foundations of Security Analysis and Design 2171, 1–62 (2001)
Reniers, M.A.: Message sequence chart: Syntax and semantics. PhD Thesis, Eindhoven University of Technology (1998)
Focardi, R., Gorrieri, R., Martinelli, F.: Information flow analysis in a discrete-time process algebra. In: IEEE Computer Security Foundations Workshop, pp. 170–184 (2000)
Ryan, P.: A csp formulation of non-interference and unwinding. Presented at CSFW 1990 and published in Cipher, Winter (1990-1991)
Sengupta, B., Cleaveland, R.: Refinement-based requirements modeling using triggered message sequence charts. In: IEEE International Requirements Engineering Conference (2003)
Sengupta, B.: Triggered message sequence charts. Ph.D Thesis, State University of New York, Stony Brook (2003)
Sengupta, B., Cleaveland, R.: Triggered message sequence charts. In: Proceedings of ACM SIGSOFT Foundations of Software Engineering, pp. 167–176 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ray, A., Sengupta, B., Cleaveland, R. (2004). Secure Requirements Elicitation Through Triggered Message Sequence Charts. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_32
Download citation
DOI: https://doi.org/10.1007/978-3-540-30555-2_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24075-4
Online ISBN: 978-3-540-30555-2
eBook Packages: Computer ScienceComputer Science (R0)