Security Requirements for Tolerating Security Failures

Abstract: Abstract-This paper describes security failure-tolerant requirements, which tolerate the failures of security services that protect applications from security attacks. A security service, such as authentication, confidentiality or integrity security service, can be always broken down as advanced attack skills are coined. There is no security service that is forever secure. This paper describes an approach to developing the security failure-tolerant use case that specifies the security requirements for tolerati… Show more

“…SFT requirements [14] are specified against threats to application systems. The threats can be identified by considering security assets described in the use case description.…”

“…A threat use case may not have a specific actor because an attacker can be any malicious persons or parties. A threat point [14] is defined in the use case description for an application use case where a security asset is contaminated if a security service is broken and there is not any SFT service to protect the asset. The threat to make order request use case in the online shopping system [27] is modeled in Fig.…”

“…Security failure-tolerant (SFT) requirements in our previous research [14] are specified to make applications tolerable when security services are breached. SFT requirements are modeled as SFT use cases, along with application use cases and security use cases, against the threats identified in application use cases.…”

“…The SFT approach aims at reducing the possibility of security damage to security assets in the applications from the breaches of security services. This paper is an extension of our research [14] by analyzing SFT requirements specification using the analysis model that represents the static and dynamic views of applications. The research in [14] specifies SFT requirements using SFT, security and application use cases against threats.…”

“…This paper is an extension of our research [14] by analyzing SFT requirements specification using the analysis model that represents the static and dynamic views of applications. The research in [14] specifies SFT requirements using SFT, security and application use cases against threats. This paper describes the analysis of the use cases and finds new threats, which are not identified in SFT requirements specification, and models the threats in the analysis model.…”

Analysis of Security-Failure Tolerant Requirements

“…SFT requirements [14] are specified against threats to application systems. The threats can be identified by considering security assets described in the use case description.…”

“…A threat use case may not have a specific actor because an attacker can be any malicious persons or parties. A threat point [14] is defined in the use case description for an application use case where a security asset is contaminated if a security service is broken and there is not any SFT service to protect the asset. The threat to make order request use case in the online shopping system [27] is modeled in Fig.…”

“…Security failure-tolerant (SFT) requirements in our previous research [14] are specified to make applications tolerable when security services are breached. SFT requirements are modeled as SFT use cases, along with application use cases and security use cases, against the threats identified in application use cases.…”

“…The SFT approach aims at reducing the possibility of security damage to security assets in the applications from the breaches of security services. This paper is an extension of our research [14] by analyzing SFT requirements specification using the analysis model that represents the static and dynamic views of applications. The research in [14] specifies SFT requirements using SFT, security and application use cases against threats.…”

“…This paper is an extension of our research [14] by analyzing SFT requirements specification using the analysis model that represents the static and dynamic views of applications. The research in [14] specifies SFT requirements using SFT, security and application use cases against threats. This paper describes the analysis of the use cases and finds new threats, which are not identified in SFT requirements specification, and models the threats in the analysis model.…”

Analysis of Security-Failure Tolerant Requirements

Security Fault Tolerance for Access Control

An Agnostic Domain Specific Language for Implementing Attacks in an Automotive Use Case