Zhi-wei YU,Ren-zhong TANG

DOI: https://doi.org/10.3785/j.issn.1008-973X.2007.08.003

2007-01-01

Abstract:A method of analyzing security objectives of business process elements (BPEs) was presented to determine the security requirements of business processes. According to the business process model, the initial security objectives of BPEs were identified based on a general classification. And the weighting coefficients of the security objectives of activities were affirmed by calculating the in-degree and out-degree of activities. The consistency checking rules and revising principles were brought forward to check and modify the security objectives, the final security objectives of BPEs were obtained. A case study showed that the proposed method could be used to get the security objectives of BPEs objectively.

YU Zhi-wei,TANG Ren-zhong

DOI: https://doi.org/10.3785/j.issn.1008-973x.2007.11.026

2007-01-01

Abstract:In order to overcome the shortcomings of the existing information system models,an information system security model was proposed to protect business activities and describe information systems from security view.Through analyzing the characteristic and security of information systems,this work presented the fundamental elements and their operation relationships,and the need,permit,can security constraints between the elements.The security relationships of the fundamental elements were described with formal method.The security model substantially reflects the security relationship between the assets of information systems,explicitly posts the essence that the information system supports the business operation,and clarities the relationship between business activities and the assets of information systems.Finally a case of security model of a manufacturing enterprise information system was given.

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

Yuhong Wen,Haihong Zhao,Lin Liu

DOI: https://doi.org/10.1109/RePa.2011.6046726

2011-01-01

Abstract:Security requirements analysis for business information systems in today's networked organization is difficult due to the complexity of the systems and the frequent change in the environment. Thus, it requires security knowledge to be explicitly represented, and well understood by system analysts and designer, which in turn being applied in feasible problem contexts. System requirements are often represented in modelling frameworks with different analytical focus, so security requirements knowledge shall reflect such difference and form an integrated treatment. This paper proposes to use modelling concepts from the i* and PF modeling language to capture recurring patterns of security problems. The main concepts used are actors, assets, and relations such as ownership and permissions. The major contribution of the approach is proposing the specific problem frames such as ownership, authorization, attack and protection, by decomposing a large problem into sub-problems (base frames), then evaluate the potential threats (attacking frames) applicable to each sub-problem by evaluate the compatibility of the two, security analysis is integrated into the system design process from the outset. The proposal can be generalized to the design of defensive measures as well as other NFR treatments. © 2011 IEEE.

LI Bing,WANG Shengyuan,BAO Xuhua,SHA Hailiang

DOI: https://doi.org/10.3321/j.issn:1000-0054.2009.z2.012

2009-01-01

Abstract:An information security risk assessment method was developed to accurately measure information securlty risks using business process state analysis.The method defines the key performance indicator of the business process (the process period) as the risk scale, so changes in the process period indicate the risk.The occurrence of threads affects the operation of the information system, eventually resulting in state transitions of business process/activities hosted by the information system.The changes in the process period(i.e., risk)are obtained by analyzing the state transitions.Therefore, information security risk calculation is converted into solving for changes of the business process period.Test using this algorithm show that the influence of threats to the information svstem on the business system can be calculated, thereby confirming the accuracy and validity of the algorithm.

Shi Jian,Guo Shanqing,Xie Li

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.01.034

2006-01-01

Abstract:Risk assessment is critical to establishing an effective Information Security Management System and it is the foundation of information system security systematism.After introducing information security risk assessment briefly,this paper provides a real-time risk assessment method using qualitative and quantitative assessment synthetically.By analyzing the assets,vulnerabilities and threats of information system,this method can evaluate the risk of the system in real time with the events produced by security devices.

HU Yan,XIE Xiao-rong,XIN Yao-zhong

DOI: https://doi.org/10.3321/j.issn:1000-3673.2006.04.008

2006-01-01

Abstract:Power information system is a typical distributed and interconnected system, which needs a systematic security design method. The authors analyze the features and defects of existing security design methods such as risk management method, guideline adherence, formal verification, find and fix approach and preventive design approach, and summarize the research results, which are available for reference, such as information system security engineering, analysis and design of survivable systems and security requirements analysis methods. The ten points to assess security design methods proposed in this paper can be used to classify and compare various security design methods, which can promote the research of security design process.

Xiamoneg Su,Damiano Bolzoni,Pascal van Eck

DOI: https://doi.org/10.48550/arXiv.cs/0603129

2006-03-31

Cryptography and Security

Abstract:In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to link explicitly security requirements with the organization's business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. A conceptual framework is presented, where the relationships between business vision, critical impact factors and valuable assets (together with their security requirements) are shown.

张国锋,何俊,徐从富

DOI: https://doi.org/10.3724/sp.j.1087.2008.02926

2008-01-01

Journal of Computer Applications

Abstract:With the introduction of the Service Oriented Architecture(SOA),the integration and development speed of software systems will become quicker and quicker.But the security mechanism of software systems has to be rebuilt when they are developed.Moreover,security mechanism becomes more complex when the number of software systems increases rapidly.A Business Process Execution Language(BPEL)-based method for general security control module design was proposed,which reduced the development and management work.The operation mechanism of right module was exemplified by the account integration of Enterprise Resource Planning(ERP) in manufacturing with e-business system.

WANG Wei,LI Chun-ping,LI Jian-bin

DOI: https://doi.org/10.16208/j.issn1000-7024.2007.14.060

2007-01-01

Abstract:Safe field in the information,the risk assessment is foundation and premises that builds up the safe system of the information system,but the risk assessment method rises to the usefulness of the assessment prominent function.The risk assessment method contain a lot of kinds,each method have it the place of the shortage.The risk assessment method adopted threat tree model and analytical hierarchy process that method combine together,made use of two kinds of vantages that assessment method,made up the shortage of the one risk assessment method,the aim is search into a kind of more valid,more reasonable and more accurate risk assessment method.

SHA Hailiang,ZHENG Guizhou,WANG Shengyuan,CHEN Zhong

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.10.061

2011-01-01

Computer Engineering and Applications Journal

Abstract:In order to accurately evaluate the impact to business,which is from the risk of information security,this paper provides a method based on the state changes of business activities.This method explains the impact that the state transition of information system makes the delay of business procedure when this risk is being solved,and makes the delay as a benchmark to evaluate the impact of risk to business.The business procedure delay is one of the most critical indicators.In the end,this paper proves the accuracy of this method by the analysis of example.

YU Eric

2006-01-01

Abstract:We propose a methodological framework for designing security systems.This framework is founded on agent-oriented i* requirement modeling framework.We propose to use social modeling concepts to analyze the business and organizational context of systems with regard to security.This methodological framework encompasses analysis on the functional and non-functional requirements in relevance to security,making trade-off when design,thus integrating security into the system design process from the outset.This paper uses the Online Ordering example for illustration.

Y Hu,XR Xie,YZ Xin

DOI: https://doi.org/10.1109/pes.2004.1372957

2005-01-01

Abstract:This paper presents a modeling language and a quantitative evaluation approach for the security of power information systems. We firstly design a security architecture design trace language to universally describe system structures, services, security policies, attack behaviors and countermeasures. Next an automated risk analysis algorithm is proposed to get attack traces of power information systems. Then, based on the concept of relative security degree, security architecture can be quantitatively evaluated. Finally, with a case study in a real power information system, the effectiveness of the presented approach is demonstrated. In practice, the approach can be employed for assessing various kinds of countermeasures, such as increasing a new security function, adjusting system self structure, and changing customer operation requirements. And it can greatly decrease the subjectivity of counter-measure selection.

Tong Li,Lin Liu,Golnaz Elahi,Eric Yu,Barrett R. Bryant

DOI: https://doi.org/10.1109/COMPSACW.2010.98

2010-01-01

Abstract:Security analysis is a knowledge intensive process, in which the attackers and the system owners are competing with their knowledge about how the system is built, what are the weakest points of the system, and how to exploit or to protect them. In other words, it is a race of knowledge. In this paper, we present a service security modeling approach based on the agent-oriented requirement modeling framework, i*. In this approach, we first model system actors' rationale for delivery of the service function. Then, we model a malicious actor whose intention is to disable the system functionality by exploiting their knowledge about the service and potential attacks. We assume that attackers have full knowledge about the system, which is the worst case scenario. Finally, the method automatically identifies attack routes across the actors' dependency network based on the available knowledge. We use a recent network attack event to a major Internet service provider to illustrate the approach.

Junjie Zhao,Bingfeng Xu,Xinkai Chen,Bo Wang,Gaofeng He

DOI: https://doi.org/10.1109/cbd58033.2022.00055

2022-01-01

Abstract:To solve the problem of an excessive number of component vulnerabilities and limited defense resources in industrial cyber physical systems, a method for analyzing security critical components of system is proposed. Firstly, the components and vulnerability information in the system are modeled based on SysML block definition diagram. Secondly, as SysML block definition diagram is challenging to support direct analysis, a block security dependency graph model is proposed. On this basis, the transformation rules from SysML block definition graph to block security dependency graph are established according to the structure of block definition graph and its vulnerability information. Then, the calculation method of component security importance is proposed, and a security critical component analysis tool is designed and implemented. Finally, an example of a Drone system is given to illustrate the effectiveness of the proposed method. The application of this method can provide theoretical and technical support for selecting key defense components in the industrial cyber physical system.

Golnaz Elahi,Eric Yu,Tong Li,Lin Liu

DOI: https://doi.org/10.1109/compsac.2011.48

2011-01-01

Abstract:Various governmental or academic institutes survey current security trends, and report vulnerabilities, security breaches, and their costs. However, it is unclear whether (and how) practitioners analyze these vulnerabilities and attacks to arrive at security requirements and decide on security solutions. What modeling methods are used for eliciting, analyzing, and documenting security requirements in real-world practice? This paper intends to answer such questions through a survey of security requirements engineering practices. 374 software professionals from 237 International and Chinese firms participated in the survey. The results show businesses often try to consider security from early stages of the development life cycle, however, ultimately, security is left to be built into the system at the implementation phase. We observed that practitioners favour qualitative risk assessment rather than quantitative approaches, and this helps them consider more varieties of factors when comparing alternative security design solutions.

Jia Guo,Yingkai Bao,Bin Yu,Zhian Zeng,Liangyi Wang,Chuangxin Guo

DOI: https://doi.org/10.1109/powercon.2014.6993773

2014-01-01

Abstract:Due to the popularity of intelligent electronic device and digital information transmission in intelligent substation, the security issues of the SAS have become increasingly prominent, it is necessary to carry out security risk assessment for the SAS. This paper proposed a methodology for the security risk assessment of the SAS, the function-based model (FBM) was proposed according to IEC 61850, by which the SAS could be decomposed into functions. Secondly, a method for calculating the function failure probability was presented, referring to information security risk assessment norms, function value was defined to measure the loss of function failure. Based on AHP (analytic hierarchy process, AHP), the transmission weights of function risk were calculated, to integrate function risk into system risk Based on the sensitivity analysis, the assessment and ranking for different parts of SAS are completed, and the weaknesses of SAS are found. Finally, Taking Tl-1 substation SAS system as an example, the feasibility and applicability of the proposed method was verified.

Fábio José Muneratti Ortega,Wilson Vicente Ruggiero

DOI: https://doi.org/10.48550/arXiv.1304.5938

2013-04-22

Cryptography and Security

Abstract:This paper introduces a formal metamodel for the specification of security policies for workflows in online service systems designed to be suitable for the modeling and analysis of complex business-related rules as well as traditional access control. A translation of the model into a colored Petri net is shown and an example of policy for an online banking system is described. By writing predicates for querying the resulting state-space of the Petri net, a connection between the formalized model and a higher-level description of the security policy can be made, indicating the feasibility of the intended method for validating such descriptions. Thanks to the independent nature among tasks related to different business services, represented by restrictions in the information flow within the metamodel, the state-space may be fractioned for analysis, avoiding the state-space explosion problem. Related existing models are discussed, pointing the gain in expressiveness of business rules and the analysis of insecure state paths rather than simply insecure states in the proposed model. The successful representation and analysis of the policy from the example combined with reasonings for the general case attest the adequacy of the proposed approach for its intended application.

Juan Li,Ross Jeffery,Kam Hay Fung,Liming Zhu,Qing Wang,He Zhang,Xiwei Xu

DOI: https://doi.org/10.1007/978-3-642-32885-5_16

2012-01-01

Abstract:Dependencies among software artifacts are very useful for various software development and maintenance activities such as change impact analysis and effort estimation. In the past, the focus on artifact dependencies has been at the design and code level rather than at the requirements level. This is due to the difficulties in identifying dependencies in a text-based requirements specification. We observed that difficulties reside in the disconnection among itemized requirements and the lack of a more systematic approach to write text-based requirements. Business process models are an increasingly important part of a requirements specification. In this paper, we present a mapping between workflow patterns and dependency types to aid dependency identification and change impact analysis. Our real-world case study results show that some participants, with the help of the mapping, discovered more dependencies than other participants using text-based requirements only. Though many of these additional dependencies are highly difficult to spot from the text-based requirements, they are however very useful for change impact analysis.

Yuanqiang Wang,Zhihui Wang,Shangfu Hao,Baili Sun

DOI: https://doi.org/10.1007/978-3-642-22456-0_27

2011-01-01

Abstract:By analysis information system security situation and research the requirement of security of Teaching and Researching Management System which was implemented in our projects, a new security system strategy was presented based on audit log files combing with the RBAC access control technology. At the same time, we redesigned and restructured the RBAC model to improve security procedures of our project. With using the new security audit model which provided by us, the security, reliability, forward looking of teaching and researching management system was improved.