講演抄録/キーワード |
講演名 |
2013-09-13 15:00
A classification method in identifying security patterns for a dependable Security Case
-- From Security Patterns to D-Case -- ○Vaise Patu・Nada Olayan・Shuichiro Yamamoto(Nagoya Univ.) KBSE2013-52 |
抄録 |
(和) |
Today's software systems are facing new and complicated challenges in confronting with security issues. There are lots of security tools and methods that are being created and used within institutes and organizations in order to mitigate risk, threats and vulnerabilities to
systems. However, the publicized information so far still has holes and limitations in postulating successful results. Results to issues such as to ?how to confront threats and vulnerabilities before they occur? and the ?how to present a case concerning the security of the system to its stakeholders through system assuredness.? (1) At the moment, without
assurance case there is no way to tell that a system or software meets its requirements in terms of safety, reliability, availability, security and dependability. (2) This papers concern is with the aspect of security. In order for a software system to achieve an adequate level of security, we need security assurance case. (3) This paper also discusses how we classify and identify security patterns in relation to D-Case. This is then to be use as a mechanism for capturing and communicating future system attacks before they took place. |
(英) |
Today's software systems are facing new and complicated challenges in confronting with security issues. There are lots of security tools and methods that are being created and used within institutes and organizations in order to mitigate risk, threats and vulnerabilities to
systems. However, the publicized information so far still has holes and limitations in postulating successful results. Results to issues such as to ?how to confront threats and vulnerabilities before they occur? and the ?how to present a case concerning the security of the system to its stakeholders through system assuredness.? (1) At the moment, without
assurance case there is no way to tell that a system or software meets its requirements in terms of safety, reliability, availability, security and dependability. (2) This papers concern is with the aspect of security. In order for a software system to achieve an adequate level of security, we need security assurance case. (3) This paper also discusses how we classify and identify security patterns in relation to D-Case. This is then to be use as a mechanism for capturing and communicating future system attacks before they took place. |
キーワード |
(和) |
Security Patterns / D-Case / Security Threats / Security Vulnerabilities / Assurance Case / Risk / / |
(英) |
Security Patterns / D-Case / Security Threats / Security Vulnerabilities / Assurance Case / Risk / / |
文献情報 |
信学技報, vol. 113, no. 215, KBSE2013-52, pp. 91-96, 2013年9月. |
資料番号 |
KBSE2013-52 |
発行日 |
2013-09-05 (KBSE) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
著作権に ついて |
技術研究報告に掲載された論文の著作権は電子情報通信学会に帰属します.(許諾番号:10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
PDFダウンロード |
KBSE2013-52 |