VERIFICATION OF SCENARIOS USING THE COMMON CRITERIA

Atsushi Ohnishi, Hiroya Itoga

2008

Abstract

Software is required to comply with the laws and standards of software security. However, stakeholders with less concern regarding security can neither describe the behaviour of the system with regard to security nor validate the system’s behaviour when the security function conflicts with usability. Scenarios or use-case specifications are common in requirements elicitation and are useful to analyze the usability of the system from a behavioural point of view. In this paper, the authors propose both (1) a scenario language based on a simple case grammar and (2) a method to verify a scenario with rules based on security evaluation criteria.

References

  1. Alexander, I. F., and Maiden, N., 2004. “Scenarios, Stories, Use Cases - Through the Systems Development Life-Cycle”, John Wiley & Sons.
  2. Barish, R, 1997. ACM Conference Committee Job Description, Conference Manual, Section No. 6.1.1, http://www.acm.org/sig_volunteer_info/conference_m anual/6-1-1PC.HTM.
  3. Carroll, J.M., 2000. “Making Use: Scenario-based Design of Human Computer Interactions”, MIT Press.
  4. Cockburn, A., 2001. “Writing Effective Use Cases”, Addison Wesley, USA.
  5. Fillmore, C. J., 1968. “The Case for Case”, Universals in Linguistic Theory, ed. Bach & Harms, Holt, Rinehart and Winston Publishing, Chicago.
  6. “IEEE Std. 830-1998, 1998.” IEEE Recommended Practice for Software Requirements Specifications.
  7. “ISO/IEC 15408 common criteria, 2005.”
  8. McDermott, J. and Fox, C., 1999. “Using Abuse Case Models for Security Requirements Analysis”, Proceedings of the 15th IEEE Annual Computer Security Applications Conference (ACSAC'99), pp. 55-65.
  9. Ohnishi, A., 1996. “Software requirements specification database based on requirements frame model”, Proceedings of the Second IEEE International Conference on Requirements Engineering (ICRE'96), pp. 221-228.
  10. Ohnishi, A., Potts, C. 2001. Grounding Scenarios in Frame-Based Action Semantics, Proc. of 7th International Workshop on Requirements Engineering: Foundation of Software Quality (REFSQ'01), Interlaken, Switzerland, June 4-5, pp.177-182.
  11. Railway Information System Co., Ltd., 2001. JR System, http://www.jrs.co.jp/keiki/en/index_main.html.
  12. Schneier, B., 2001. Secrets & Lies Digital Security in a Networked World, John Wiley & Sons.
  13. Sindre, G. and Opdahl, A. L., 2005. “Eliciting security requirements with misuse cases,” Requirements Engineering, Vol. 10, pp. 34-44.
  14. Sutcliffe, A. G., Maiden, N. A. M., Minocha S., Manuel D., 1998. Supporting Scenario-Based Requirements Engineering, IEEE Trans. Software Engineering, Vol.24, No.12, pp.1072-1088.
  15. Toval, A., Nicolaus, J. Moros, B. and Gracia, F., 2002. Requirements Reuse for Improving Information Systems Security: A Practitioner's Approach, Requirements Engineering, Vol. 6, No. 4, pp. 205-219.
  16. Toyama, T., Ohnishi, A., 2005. Rule-based Verification of Scenarios with Pre-conditions and Post-conditions, Proc. Of the 13th IEEE International Conference on Requirements Engineering (RE'05), Paris, France, pp.319-328.
  17. Weidenhaupt, K., Pohl, K., Jarke, M., Haumer, P., 1998. Scenarios in System Development: Current Practice, IEEE Software, Vol.15, No.2, pp.34-45.
  18. Zhang, H. and Ohnishi, A., 2004. “Transformation between Scenarios from Different Viewpoints”, IEICE Transactions on Information and Systems, Vol. E87- D, No. 4, pp. 801-810.
Download


Paper Citation


in Harvard Style

Ohnishi A. and Itoga H. (2008). VERIFICATION OF SCENARIOS USING THE COMMON CRITERIA . In Proceedings of the Third International Conference on Software and Data Technologies - Volume 2: ICSOFT, ISBN 978-989-8111-52-4, pages 5-11. DOI: 10.5220/0001873900050011


in Bibtex Style

@conference{icsoft08,
author={Atsushi Ohnishi and Hiroya Itoga},
title={VERIFICATION OF SCENARIOS USING THE COMMON CRITERIA},
booktitle={Proceedings of the Third International Conference on Software and Data Technologies - Volume 2: ICSOFT,},
year={2008},
pages={5-11},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001873900050011},
isbn={978-989-8111-52-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Third International Conference on Software and Data Technologies - Volume 2: ICSOFT,
TI - VERIFICATION OF SCENARIOS USING THE COMMON CRITERIA
SN - 978-989-8111-52-4
AU - Ohnishi A.
AU - Itoga H.
PY - 2008
SP - 5
EP - 11
DO - 10.5220/0001873900050011