MARC表示: Systematic secure design guideline to improve integrity and availability of system security

Systematic secure design guideline to improve integrity and availability of system security

Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as...

詳細記述

保存先:

書誌詳細
第一著者:	Krishnan, Ashvini Devi
フォーマット:	学位論文
出版事項:	2013
主題:	QA76 Computer software
オンライン･アクセス:	http://eprints.utm.my/id/eprint/41731/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:78168?queryType=vitalDismax&query=Systematic+secure+design+guideline+to+improve&public=true
タグ:	タグ追加タグなし, このレコードへの初めてのタグを付けませんか!

id	my.utm.41731
record_format	eprints
spelling	my.utm.417312020-06-29T01:10:13Z http://eprints.utm.my/id/eprint/41731/ Systematic secure design guideline to improve integrity and availability of system security Krishnan, Ashvini Devi QA76 Computer software Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as attack specification or to be more precise about who can do what and when, and this can be achieved by enforcing access control. The suitable approach to enforce access control is Role- Based Access Control (RBAC). Only secureUML metamodel is using RBAC as security mechanism. However, secureUML metamodel does not indicate the properties of supporting basic security requirements which focusing on integrity and availability, and even the consideration of situation that leads to different possible attacks. The objective of this dissertation is to propose a systematic secure design guideline by enhancing secureUML metamodel. The enhancement is performed by integrating with protection-levels of secured layers which provides protection for the critical assets in various layers to support integrity and availability and to identify possible internal threats based on scenario by using Step-by-Step Secure Design Guideline (3SDG). In order to use the enhanced secureUML metamodel for designing a secure system, it needs to follow 3SDG to identify and validate system process. 3SDG is a guideline which is formed by integrating Comprehensive, Lightweight Application Security Process (CLASP) design steps and Sommerville’s security guideline which most suitable design guideline. Both guidelines are mainly focuses on designing secure system. By using the enhanced secureUML metamodel with 3SDG in a case study, it ables to show the solution for selected internal threats to improve integrity and Availability. This will help security designer provide protection to the computer which the system runs, application and records from threats. This model and the guideline will able to help to design more persistence secure system to maintain security from internal attacks 2013 Thesis NonPeerReviewed Krishnan, Ashvini Devi (2013) Systematic secure design guideline to improve integrity and availability of system security. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computing. http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:78168?queryType=vitalDismax&query=Systematic+secure+design+guideline+to+improve&public=true
institution	Universiti Teknologi Malaysia
building	UTM Library
collection	Institutional Repository
continent	Asia
country	Malaysia
content_provider	Universiti Teknologi Malaysia
content_source	UTM Institutional Repository
url_provider	http://eprints.utm.my/
topic	QA76 Computer software
spellingShingle	QA76 Computer software Krishnan, Ashvini Devi Systematic secure design guideline to improve integrity and availability of system security
description	Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as attack specification or to be more precise about who can do what and when, and this can be achieved by enforcing access control. The suitable approach to enforce access control is Role- Based Access Control (RBAC). Only secureUML metamodel is using RBAC as security mechanism. However, secureUML metamodel does not indicate the properties of supporting basic security requirements which focusing on integrity and availability, and even the consideration of situation that leads to different possible attacks. The objective of this dissertation is to propose a systematic secure design guideline by enhancing secureUML metamodel. The enhancement is performed by integrating with protection-levels of secured layers which provides protection for the critical assets in various layers to support integrity and availability and to identify possible internal threats based on scenario by using Step-by-Step Secure Design Guideline (3SDG). In order to use the enhanced secureUML metamodel for designing a secure system, it needs to follow 3SDG to identify and validate system process. 3SDG is a guideline which is formed by integrating Comprehensive, Lightweight Application Security Process (CLASP) design steps and Sommerville’s security guideline which most suitable design guideline. Both guidelines are mainly focuses on designing secure system. By using the enhanced secureUML metamodel with 3SDG in a case study, it ables to show the solution for selected internal threats to improve integrity and Availability. This will help security designer provide protection to the computer which the system runs, application and records from threats. This model and the guideline will able to help to design more persistence secure system to maintain security from internal attacks
format	Thesis
author	Krishnan, Ashvini Devi
author_facet	Krishnan, Ashvini Devi
author_sort	Krishnan, Ashvini Devi
title	Systematic secure design guideline to improve integrity and availability of system security
title_short	Systematic secure design guideline to improve integrity and availability of system security
title_full	Systematic secure design guideline to improve integrity and availability of system security
title_fullStr	Systematic secure design guideline to improve integrity and availability of system security
title_full_unstemmed	Systematic secure design guideline to improve integrity and availability of system security
title_sort	systematic secure design guideline to improve integrity and availability of system security
publishDate	2013
url	http://eprints.utm.my/id/eprint/41731/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:78168?queryType=vitalDismax&query=Systematic+secure+design+guideline+to+improve&public=true
_version_	1672610436790353920
score	13.149126

Systematic secure design guideline to improve integrity and availability of system security

類似資料