Abstract
This paper proposes a formal definition of “security” in a composite system. By composite system, we mean a system composed of an automated part and a human part. This split of a system into two parts characterizes computing environments where human presence is unavoidable. Our results are a generalization of [6]. The scope of [6] was limited to three access modes: read, write, and execute. In this paper, we extend this scope by addressing all possible operations. We also provide a syntactic way, based on the proposed formal definition of security, of describing threats during the requirements analysis process. To handle the security problem when designing a system, it is important to integrate threats into the requirements document. Up to now, there were only “methods” to derive threats [arbitrary or threat trees method], not to express them unambiguously.
References
Amoroso, E.: Fundamentals of Computer Security Technology. Prentice Hall, New Jersey (1994)
Bell, D., LaPadula, L.: Secure Computer System: Unified Exposition and Multics Interpretation. MTR2997, MITRE Corp. (1976)
Dardenne, A., et al.: Goal-directed Requirements Acquisition. Science of Comp. Progr., vol. 20 (1993), 3–50
Kabasele-Tenday, J.M.: Threats in Teleteaching. To be presented at 7th WCCEE, Torino, Italy (1998)
Jacobson, I., et al.: Object-Oriented Software Engineering, A Use Case Driven Approach. Addison-Wesley (1992)
McLean, J.: The Algebra of Security. IEEE Symposium on Security and Privacy, Oakland, CA (1988)
Rumbaugh, J., et al.: Object-Oriented Modeling and Design. Prentice-Hall, New Jersey (1991)
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kabasele-Tenday, J.M. (1998). Specifying security in a composite system. In: Okamoto, E., Davida, G., Mambo, M. (eds) Information Security. ISW 1997. Lecture Notes in Computer Science, vol 1396. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0030425
DOI: https://doi.org/10.1007/BFb0030425
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64382-1
Online ISBN: 978-3-540-69767-1
eBook Packages: Springer Book Archive