Accession Number : ADA431570


Title : The Genesis of Cyberscience and its Mathematical Models (CYBERSCIENCE)


Descriptive Note : Final technical rept. Mar 2000-Feb 2004


Corporate Author : SRI INTERNATIONAL MENLO PARK CA SYSTEM DESIGN LAB


Personal Author(s) : Dawson, Steven


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a431570.pdf


Report Date : Feb 2005


Pagination or Media Count : 82


Abstract : The Cyberscience project has developed a framework for an integrated approach to secure systems development called security co-design. Acknowledging the need to integrate security into the development process from the beginning, but recognizing that security and functionality are different in character, security co-design separates development into security and functional tracks that strongly influence each other. The security co-design methodology aims to account for all critical aspects of development, including requirements capture, implementation, and the construction of an information assurance case (IAC). By analogy to safety cases, an IAC seeks to establish that the security requirements of the system are met, and to identify specific points of failure to be addressed if certain requirements are not met. The development of a methodology and tool support for the construction of IACs has been the primary focus of the Cyberscience project. This report documents the security co-design methodology, the principles and goals of IAC development, an exploration of tool support for IAC construction, and an examination of possible alternative approaches.


Descriptors : *SECURE COMMUNICATIONS, *SOFTWARE TOOLS, *INFORMATION SECURITY, MATHEMATICAL MODELS, INTEGRATED SYSTEMS, INFORMATION ASSURANCE


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE