
Security Requirements Engineering: Designing Secure Socio-Technical Systems [Hardback]

(Utrecht University), (University of Trento), (Universita degli Studi di Trento)
  • Format: Hardback, 224 pages, height x width x thickness: 229x178x11 mm
  • Series: Information Systems
  • Publication date: 22-Jan-2016
  • Publisher: MIT Press
  • ISBN-10: 0262034212
  • ISBN-13: 9780262034210

Security requirements engineering is especially challenging because designers must consider not just the software under design but also interactions among people, organizations, hardware, and software. Taking this broader perspective means designing a secure socio-technical system rather than a merely technical system. This book presents a novel, model-driven approach to designing secure socio-technical systems. It introduces the Socio-Technical Modeling Language (STS-ML) and presents a freely available software tool, STS-Tool, that supports this design approach through graphical modeling, automated reasoning capabilities to verify the models constructed, and the automatic derivation of security requirements documents.

After an introduction to security requirements engineering and an overview of computer and information security, the book presents the STS-ML modeling language, introducing the modeling concepts used, explaining how to use STS-ML within the STS method for security requirements, and providing guidelines for the creation of models. The book then puts the STS approach into practice, introducing the STS-Tool and presenting two case studies from industry: an online collaborative platform and an e-Government system. Finally, the book considers other methods that can be used in conjunction with the STS method or that constitute an alternative to it. The book is suitable for course use or as a reference for practitioners. Exercises, review questions, and problems appear at the end of each chapter.

List of Figures xiii
List of Tables xvii
Preface xix
I INTRODUCTION 1(28)
1 Security Requirements Engineering 3(8)
1.1 The dawn of security requirements engineering 3(2)
1.2 The era of socio-technical systems 5(1)
1.3 Security in socio-technical systems 6(1)
1.4 On the need of a new approach 7(1)
1.5 Running example: healthcare 8(3)
2 An Overview of Computer and Information Security 11(18)
2.1 A security taxonomy 12(4)
2.1.1 Confidentiality 12(1)
2.1.2 Integrity 13(1)
2.1.3 Availability 14(1)
2.1.4 Authenticity 14(1)
2.1.5 Reliability 15(1)
2.1.6 Accountability 15(1)
2.2 Managing security: threat and risk analysis 16(6)
2.2.1 Identification of assets and threats 17(1)
2.2.2 Finding and assessing vulnerabilities 18(2)
2.2.3 Risk assessment 20(1)
2.2.4 Risk response: countermeasures 20(2)
2.3 Security mechanisms 22(5)
2.4 Chapter summary 27(1)
2.5 Exercises 27(2)
Review questions 27(2)
II THE STS-ml MODELING LANGUAGE 29(68)
3 The Socio-Technical Security Modeling Language 31(42)
3.1 The ten design principles for STS-ml 31(4)
3.2 Representing actors in socio-technical systems 35(11)
3.2.1 Actor types 35(2)
3.2.2 Actor assets 37(4)
3.2.3 Actor models 41(4)
3.2.4 Structuring information and documents 45(1)
3.3 Modeling the interactions among actors 46(5)
3.4 Events and threats 51(1)
3.5 Expressing security requirements in STS-ml 52(17)
3.5.1 Confidentiality 53(5)
3.5.2 Integrity 58(2)
3.5.3 Availability 60(2)
3.5.4 Authenticity 62(2)
3.5.5 Reliability 64(2)
3.5.6 Accountability 66(3)
3.6 Chapter summary 69(1)
3.7 Exercises 70(3)
Review questions 70(1)
Problems 71(2)
4 Social, Information, and Authorization Views 73(24)
4.1 Multi-view modeling in STS-ml 73(1)
4.2 Social view 74(13)
4.2.1 Concepts and intentional relationships 75(6)
4.2.2 Social relationships 81(1)
4.2.3 Events and threats 82(1)
4.2.4 Security requirements in the social view 82(5)
4.3 Information view 87(3)
4.4 Authorization view 90(3)
4.5 Chapter summary 93(1)
4.6 Exercises 94(3)
Review questions 94(1)
Problems 94(3)
III FROM STS-ml TO THE STS METHOD 97(34)
5 Automated Analysis of STS-ml Models 99(20)
5.1 Model well-formedness analysis 100(3)
5.1.1 Empty diagram 100(1)
5.1.2 Goal single decomposition 100(1)
5.1.3 Delegation child cycle 101(1)
5.1.4 Documents part-of cycle 101(1)
5.1.5 Information part-of cycle 101(1)
5.1.6 Information without ownership 102(1)
5.1.7 Authorizations validity 102(1)
5.1.8 Duplicate authorizations 102(1)
5.2 Requirements conflict analysis: security analysis 103(9)
5.2.1 Conflicting authorizations 103(2)
5.2.2 Conflicts between business policies and security requirements 105(7)
5.3 Threat analysis 112(2)
5.4 Improving a model through analysis 114(2)
5.4.1 Well-formedness analysis 114(1)
5.4.2 Security analysis 115(1)
5.4.3 Threat analysis 116(1)
5.5 Chapter summary 116(1)
5.6 Exercises 117(2)
Review questions 117(1)
Problems 117(2)
6 The Socio-Technical Security Method 119(12)
6.1 Method overview 119(2)
6.2 STS as part of software/systems engineering methods 121(1)
6.3 Process and roles 121(3)
6.4 Phase 1: social modeling 124(1)
6.5 Phase 2: information modeling 125(1)
6.6 Phase 3: authorization modeling 126(1)
6.7 Phase 4: automated analysis 126(1)
6.8 Phase 5: specification 127(1)
6.9 Chapter summary 128(1)
6.10 Exercises 128(3)
Review questions 128(1)
Problems 128(3)
IV STS IN PRACTICE: TOOL AND CASE STUDIES 131(42)
7 STS-Tool 133(10)
7.1 Modeling features 133(2)
7.2 Analysis support 135(1)
7.3 Security requirements derivation 136(3)
7.4 Architectural overview 139(1)
7.5 Chapter summary 140(1)
7.6 Exercises 141(2)
Review questions 141(1)
Problems 141(2)
8 STS Method in Action 143(30)
8.1 Trentino as a Lab 143(15)
8.1.1 Social modeling 144(5)
8.1.2 Information modeling 149(3)
8.1.3 Authorization modeling 152(2)
8.1.4 Automated analysis 154(4)
8.1.5 Specification 158(1)
8.2 E-Government 158(13)
8.2.1 Social modeling 160(3)
8.2.2 Information modeling 163(2)
8.2.3 Authorization modeling 165(2)
8.2.4 Automated analysis 167(3)
8.2.5 Specification 170(1)
8.3 Chapter summary 171(1)
8.4 Exercises 171(2)
Review questions 171(1)
Problems 172(1)
V BEYOND THE STS METHOD 173(22)
9 Alternative and Complementary Approaches 175(20)
9.1 Extensions of use cases 175(3)
9.2 Anti-goals 178(1)
9.3 Abuse frames 179(2)
9.4 SecureUML 181(1)
9.5 UMLsec 182(2)
9.6 Secure Tropos 184(1)
9.7 SI* 185(3)
9.8 SecBPMN 188(1)
9.9 SQUARE 189(2)
9.10 STRIDE 191(1)
9.11 Security patterns 192(1)
9.12 Summary 192(2)
9.13 Exercises 194(1)
Review questions 194(1)
Bibliography 195(4)
Index 199