The security requirements in the software life cycle has received some attention recently. However, it is not yet clear how to build security requirements. This paper describes and illustrates a process to build application specific security requirements from state transition diagrams at the security threat location. Using security failure data, we identify security threat locations which attackers could use to exploit software vulnerabilities. A state transition diagram is constructed to be used to protect, mitigate, and remove vulnerabilities relative to security threat locations. In the software development process, security requirements are obtained from state transition diagrams relative to the security threat location. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Seo, S. C., You, J. H., Kim, Y. D., Choi, J. Y., Lee, S. J., & Kim, B. K. (2005). Building security requirements using state transition diagram at security threat location. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3802 LNAI, pp. 451–456). https://doi.org/10.1007/11596981_66
Mendeley helps you to discover research relevant for your work.