THREAT-DRIVEN ARCHITECTURAL DESIGN OF SECURE INFORMATION SYSTEMS

Joshua Pauli, Dianxiang Xu

2005

Abstract

To deal with software security issues in the early stages of system development, this paper presents a threat-driven approach to the architectural design and analysis of secure information systems. In this approach, we model security threats to systems with misuse cases and mitigation requirements with mitigation use cases at the requirements analysis phase. Then we drive system architecture design (including the identification of architectural components and their connections) by use cases, misuse cases, and mitigation use cases. According to the misuse case-based threat model, we analyze whether or not a candidate architecture is resistant to the identified security threats and what constraints must be imposed on the choices of system implementation. This provides a smooth transition from requirements specification to high-level design and greatly improves the traceability of security concerns in high assurance information systems. We demonstrate our approach through a case study on a security-intensive payroll information system.
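As an added illustration (not code from the paper), the following Python model carries out the traceability check the abstract describes: misuse cases that threaten use cases, mitigation use cases that counter them, and a candidate architecture whose components realize use cases; a misuse case is resistant only if some component realizes one of its mitigations, and each realized mitigation imposes an implementation constraint on that component. The payroll names are constructed assumptions, not the paper's case-study data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class MisuseCase:
    name: str
    threatens: str            # use case the threat targets
    mitigated_by: frozenset   # mitigation use cases that counter it

def analyze(misuse_cases, constraint_of, components):
    """Check a candidate architecture against the misuse-case threat model.
    constraint_of: mitigation use case -> implementation constraint it imposes.
    components: component name -> set of use cases it realizes.
    Returns (misuse cases left unmitigated, {component: [constraints]})."""
    realized = {uc for ucs in components.values() for uc in ucs}
    unmitigated, constraints = [], {c: [] for c in components}
    for mc in misuse_cases:
        # A threat counts as mitigated only when a mitigation use case for it is
        # realized by some component; one that no component realizes is only paper.
        active = sorted(m for m in mc.mitigated_by if m in realized)
        if not active:
            unmitigated.append(f"{mc.name} (threatens {mc.threatens})")
        for comp, ucs in components.items():
            constraints[comp] += [constraint_of[m] for m in active if m in ucs]
    return unmitigated, constraints

# Constructed payroll example; this is not data from the paper's case study.
MISUSE = [
    MisuseCase("Tamper with salary record", "Update Salary",
               frozenset({"Authorize Salary Change"})),
    MisuseCase("Eavesdrop on payslip", "View Payslip", frozenset({"Encrypt Session"})),
    MisuseCase("Replay payment request", "Issue Payment",
               frozenset({"Reject Duplicate Request"})),
]
MITIGATION_CONSTRAINTS = {
    "Authorize Salary Change": "role check before every salary write",
    "Encrypt Session": "TLS on every client connection",
    "Reject Duplicate Request": "per-request nonce store",
}
# Candidate architecture: realizes two of the three mitigation use cases.
CANDIDATE = {
    "Web Front End": {"View Payslip", "Encrypt Session"},
    "Payroll Service": {"Update Salary", "Issue Payment", "Authorize Salary Change"},
}

def check_candidate():
    return analyze(MISUSE, MITIGATION_CONSTRAINTS, CANDIDATE)
```

Running `check_candidate()` reports the replay threat as unmitigated, because no component realizes "Reject Duplicate Request", and lists the TLS and role-check constraints against the components that realize the other two mitigations.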

Paper Citation


in Harvard Style

Pauli J. and Xu D. (2005). THREAT-DRIVEN ARCHITECTURAL DESIGN OF SECURE INFORMATION SYSTEMS. In Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 972-8865-19-8, pages 136-143. DOI: 10.5220/0002549501360143

in Bibtex Style

@conference{iceis05,
author={Joshua Pauli and Dianxiang Xu},
title={THREAT-DRIVEN ARCHITECTURAL DESIGN OF SECURE INFORMATION SYSTEMS},
booktitle={Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 3: ICEIS},
year={2005},
pages={136-143},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002549501360143},
isbn={972-8865-19-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 3: ICEIS
TI - THREAT-DRIVEN ARCHITECTURAL DESIGN OF SECURE INFORMATION SYSTEMS
SN - 972-8865-19-8
AU - Pauli J.
AU - Xu D.
PY - 2005
SP - 136
EP - 143
DO - 10.5220/0002549501360143