Accession Number : ADA612733


Title :   Analyzing and Specifying Reusable Security Requirements


Corporate Author : CARNEGIE-MELLON UNIV PITTSBURGH PA


Personal Author(s) : Firesmith, Donald G


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a612733.pdf


Report Date : Sep 2003


Pagination or Media Count : 6


Abstract : A system cannot have high assurance if it has poor security, and thus, requirements for high assurance systems will logically include security requirements as well as availability, reliability, and robustness requirements. Unlike typical functional requirements, security requirements can potentially be highly reusable, especially if specified as instances of reusable templates. This paper discusses the value of reusable parameterized templates for specifying security requirements, provides an example of such a template and its associated usage, and outlines an asset-based analysis approach for determining the appropriate actual parameters to use when reusing parameterized templates to specify security requirements.


Descriptors :   *REUSABLE EQUIPMENT , *SECURITY , *TEMPLATES , AVAILABILITY , FUNCTIONS , REQUIREMENTS , SPECIFICATIONS


Subject Categories : Test Facilities, Equipment and Methods


Distribution Statement : APPROVED FOR PUBLIC RELEASE