2013 Fiscal Year Final Research Report
A supporting system for predicting vulnerabilities and their countermeasures of an information system during requirements analysis
Project/Area Number |
23500042
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Multi-year Fund |
Section | 一般 |
Research Field |
Software
|
Research Institution | Shinshu University |
Principal Investigator |
|
Project Period (FY) |
2011 – 2013
|
Keywords | 要求工学 / モデリング / セキュリティ分析 / アッセトフロー / モデル検査 / システムアーキテクチャ / オントロジ |
Research Abstract |
We have developed a method for security requirements analysis. In the method, vulnerabilities and their countermeasures are systematically predicted on the basis of the dependencies among assets and a system architecture in a system to be developed. We can re-examine vulnerabilities and their countermeasures when the architecture is changed but system functionalities are not changed. We have also developed a supporting tool for enacting the method. The tool consists of three components: a modeling editor, a model checker and a visualizer. With the help of the tool, stakeholders including security experts can validate the predicted results of the method because the tool can automatically derive the candidates of vulnerabilities on the basis of our original model checking engine and visualize the derived results.
|
Research Products
(27 results)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
[Presentation] Goal-oriented security requirements analysis for a system used in several different activities2013
Author(s)
Haruhiko Kaiya, Takao Okubo, Nobuyuki Kanaya, Yuji Suzuki, Shinpei Ogata, Kenji Kaijiri, and Nobukazu Yoshioka
Organizer
In Xavier Franch and Pnina Soffer, editors, Advanced Information Systems Engineering Workshops, of Lecture Notes in Business Information Processing (LNBIP), The Third International Workshop on Information Systems Security Engineering - WISSE'13
Place of Presentation
Valencia, Spain
Year and Date
2013-06-18
-
-
-
-
-
-
-
-
-
-
-