Accession Number:

ADA612733

Title:

Analyzing and Specifying Reusable Security Requirements

Descriptive Note:

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA

Personal Author(s):

Report Date:

2003-09-01

Pagination or Media Count:

6.0

Abstract:

A system cannot have high assurance if it has poor security, and thus, requirements for high assurance systems will logically include security requirements as well as availability, reliability, and robustness requirements. Unlike typical functional requirements, security requirements can potentially be highly reusable, especially if specified as instances of reusable templates. This paper discusses the value of reusable parameterized templates for specifying security requirements, provides an example of such a template and its associated usage, and outlines an asset-based analysis approach for determining the appropriate actual parameters to use when reusing parameterized templates to specify security requirements.

Subject Categories:

  • Test Facilities, Equipment and Methods

Distribution Statement:

APPROVED FOR PUBLIC RELEASE