Systematic secure design guideline to improve integrity and availability of system security

Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as...

Full description

Saved in:
Bibliographic Details
Main Author: Krishnan, Ashvini Devi
Format: Thesis
Published: 2013
Subjects:
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utm-ep.41731
record_format uketd_dc
spelling my-utm-ep.417312020-06-29T01:10:13Z Systematic secure design guideline to improve integrity and availability of system security 2013 Krishnan, Ashvini Devi QA76 Computer software Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as attack specification or to be more precise about who can do what and when, and this can be achieved by enforcing access control. The suitable approach to enforce access control is Role- Based Access Control (RBAC). Only secureUML metamodel is using RBAC as security mechanism. However, secureUML metamodel does not indicate the properties of supporting basic security requirements which focusing on integrity and availability, and even the consideration of situation that leads to different possible attacks. The objective of this dissertation is to propose a systematic secure design guideline by enhancing secureUML metamodel. The enhancement is performed by integrating with protection-levels of secured layers which provides protection for the critical assets in various layers to support integrity and availability and to identify possible internal threats based on scenario by using Step-by-Step Secure Design Guideline (3SDG). In order to use the enhanced secureUML metamodel for designing a secure system, it needs to follow 3SDG to identify and validate system process. 3SDG is a guideline which is formed by integrating Comprehensive, Lightweight Application Security Process (CLASP) design steps and Sommerville’s security guideline which most suitable design guideline. Both guidelines are mainly focuses on designing secure system. By using the enhanced secureUML metamodel with 3SDG in a case study, it ables to show the solution for selected internal threats to improve integrity and Availability. This will help security designer provide protection to the computer which the system runs, application and records from threats. This model and the guideline will able to help to design more persistence secure system to maintain security from internal attacks 2013 Thesis http://eprints.utm.my/id/eprint/41731/ http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:78168?queryType=vitalDismax&query=Systematic+secure+design+guideline+to+improve&public=true masters Universiti Teknologi Malaysia, Faculty of Computing Faculty of Computing
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
topic QA76 Computer software
spellingShingle QA76 Computer software
Krishnan, Ashvini Devi
Systematic secure design guideline to improve integrity and availability of system security
description Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as attack specification or to be more precise about who can do what and when, and this can be achieved by enforcing access control. The suitable approach to enforce access control is Role- Based Access Control (RBAC). Only secureUML metamodel is using RBAC as security mechanism. However, secureUML metamodel does not indicate the properties of supporting basic security requirements which focusing on integrity and availability, and even the consideration of situation that leads to different possible attacks. The objective of this dissertation is to propose a systematic secure design guideline by enhancing secureUML metamodel. The enhancement is performed by integrating with protection-levels of secured layers which provides protection for the critical assets in various layers to support integrity and availability and to identify possible internal threats based on scenario by using Step-by-Step Secure Design Guideline (3SDG). In order to use the enhanced secureUML metamodel for designing a secure system, it needs to follow 3SDG to identify and validate system process. 3SDG is a guideline which is formed by integrating Comprehensive, Lightweight Application Security Process (CLASP) design steps and Sommerville’s security guideline which most suitable design guideline. Both guidelines are mainly focuses on designing secure system. By using the enhanced secureUML metamodel with 3SDG in a case study, it ables to show the solution for selected internal threats to improve integrity and Availability. This will help security designer provide protection to the computer which the system runs, application and records from threats. This model and the guideline will able to help to design more persistence secure system to maintain security from internal attacks
format Thesis
qualification_level Master's degree
author Krishnan, Ashvini Devi
author_facet Krishnan, Ashvini Devi
author_sort Krishnan, Ashvini Devi
title Systematic secure design guideline to improve integrity and availability of system security
title_short Systematic secure design guideline to improve integrity and availability of system security
title_full Systematic secure design guideline to improve integrity and availability of system security
title_fullStr Systematic secure design guideline to improve integrity and availability of system security
title_full_unstemmed Systematic secure design guideline to improve integrity and availability of system security
title_sort systematic secure design guideline to improve integrity and availability of system security
granting_institution Universiti Teknologi Malaysia, Faculty of Computing
granting_department Faculty of Computing
publishDate 2013
_version_ 1747816606062346240