616,707 research outputs found

    An aspect-oriented approach to relating security requirements and access control

    Affecting multiple parts in software systems, security requirements often tangle with functional requirements. In order to separate crosscutting concerns and increase modularity, we propose to represent security requirements as aspects that can be woven into functional requirements. Using problem frames to model the functional requirements, weaving is achieved by composing the modules representing security aspects with the requirement models. Moreover, we provide guidance on how such security aspects are structured to implement a particular access control solution. As a result, such security aspects become reusable solution patterns to refine the structure of security-related problem

    Model-Based Security Testing

    Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques have been available for many years, there have been few approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS. Comment: In Proceedings MBT 2012, arXiv:1202.582

    Formalization, Selection and Detection of Security Patterns

    Generally, software requirement analysis and design methodologies based on different UML (Unified Modelling Language) diagrams need to be strengthened by the use of a number of security patterns. Security Patterns provide a way for the software developers to communicate at the security level in a more comprehensive way. Over the last few years, the number of security patterns has gradually increased and is still increasing. The large number of security patterns has given rise to the critical problem of selecting the appropriate security pattern to solve the problem at hand. In this study, an attempt has been made for automated verification of security pattern and an approach is proposed for selection of appropriate security patterns that fulfill security requirements. In order to demonstrate this approach, four security patterns have been selected such as Single Access Point, CheckPoint, Role and Session. A grammar has been developed for the verification of selected security patterns. Goal-Oriented Requirement Language (GRL) has been used for creating the repository of formalized security patterns; this GRL model is used for extracting facts which are then represented as relational instances. Queries have been made to the instances to find appropriate security pattern which fulfils security requirements. This approach clearly identifies the contribution and consequences of a security pattern towards the security related Non Functional Requirements (NFRs). It also checks for the relationships and dependences among the security patterns, which helps in finding the pre-requisite patterns for the selected security patterns. Finally, a method for detection of security patterns using similarity score is presented

    Categorization of Security Design Patterns

    Strategies for software development often slight security-related considerations, due to the difficulty of developing realizable requirements, identifying and applying appropriate techniques, and teaching secure design. This work describes a three-part strategy for addressing these concerns. Part 1 provides detailed questions, derived from a two-level characterization of system security based on work by Chung et al., to elicit precise requirements. Part 2 uses a novel framework for relating this characterization to previously published strategies, or patterns, for secure software development. Included case studies suggest the framework's effectiveness, involving the application of three patterns for secure design (Limited View, Role-Based Access Control, Secure State Machine) to a production system for document management. Part 3 presents teaching modules to introduce patterns into lower-division computer science courses. Five modules, integer overflow, input validation, HTTPS, file access, and SQL injection, are proposed for conveying an awareness of security patterns and their value in software development

    A Knowledge Framework for Information Security Modeling

    The data collection process for risk assessment highly depends on the security experience of the security staff of an organization. It is difficult to have the right information security staff, who understands both the security requirements and the current security state of an organization and at the same time possesses the skill to perform risk assessment. However, a well-defined knowledge model could help to describe categories of knowledge required to guide the data collection process. In this paper, a knowledge framework is introduced, which includes a knowledge model to define the data skeleton of the risk environment of an organization and security patterns about relationships between threat, entity and countermeasures; and a data integration mechanism for integrating distributed security related data into a security data repository that is specific to an organization for information security modelling

    European hospitals' transition toward fully electronic-based systems: do information technology security and privacy practices follow?

    Background: Traditionally, health information has been mainly kept in paper-based records. This has deeply changed throughout approximately the last three decades with the widespread use of multiple health information technologies. The digitization of health care systems contributes to improving health care delivery. However, it also exposes health records to security and privacy breaches inherently related to information technology (IT). Thus, health care organizations willing to leverage IT for improved health care delivery need to put in place IT security and privacy measures consistent with their use of IT resources. Objective: In this study, 2 main objectives are pursued: (1) to assess the state of the implementation of IT security and privacy practices in European hospitals and (2) to assess to what extent these hospitals enhance their IT security and privacy practices as they move from paper-based systems toward fully electronic-based systems. Methods: Drawing on data from the European Commission electronic health survey, we performed a cluster analysis based on IT security and privacy practices implemented in 1723 European hospitals. We also developed an IT security index, a compounded measure of implemented IT security and privacy practices, and compared it with the hospitals' level in their transition from a paper-based system toward a fully electronic-based system. Results: A total of 3 clearly distinct patterns of health IT-related security and privacy practices were unveiled. These patterns, as well as the IT security index, indicate that most of the sampled hospitals (70.2%) failed to implement basic security and privacy measures consistent with their digitization level. 
    Conclusions: Even though, on average, the most electronically advanced hospitals display a higher IT security index than hospitals where the paper system still dominates, surprisingly, it appears that the enhancement of IT security and privacy practices as the health information digitization advances in European hospitals is neither systematic nor strong enough regarding the IT-security requirements. This study will contribute to raising awareness among hospitals' managers as to the importance of enhancing their IT security and privacy measures so that they can keep up with the security threats inherently related to the digitization of health care organizations. © 2019 Journal of Medical Internet Research. All rights reserved

    Security-Pattern Recognition and Validation

    The increasing and diverse number of technologies that are connected to the Internet, such as distributed enterprise systems or small electronic devices like smartphones, brings the topic IT security to the foreground. We interact daily with these technologies and spend much trust on a well-established software development process. However, security vulnerabilities appear in software on all kinds of PC(-like) platforms, and more and more vulnerabilities are published, which compromise systems and their users. Thus, software has also to be modified due to changing requirements, bugs, and security flaws and software engineers must more and more face security issues during the software design; especially maintenance programmers must deal with such use cases after a software has been released. In the domain of software development, design patterns have been proposed as the best-known solutions for recurring problems in software design. Analogously, security patterns are best practices aiming at ensuring security. This thesis develops a deeper understanding of the nature of security patterns. It focuses on their validation and detection regarding the support of reviews and maintenance activities. The landscape of security patterns is diverse. Thus, published security patterns are collected and organized to identify software-related security patterns. The description of the selected software-security patterns is assessed, and they are compared against the common design patterns described by Gamma et al. to identify differences and issues that may influence the detection of security patterns. Based on these insights and a manual detection approach, we illustrate an automatic detection method for security patterns. The approach is implemented in a tool and evaluated in a case study with 25 real-world Android applications from Google Play

    Managing Security Requirements Patterns using Feature Diagram Hierarchies

    Security requirements patterns represent reusable security practices that software engineers can apply to improve security in their system. Reusing best practices that others have employed could have a number of benefits, such as decreasing the time spent in the requirements elicitation process or improving the quality of the product by reducing product failure risk. Pattern selection can be difficult due to the diversity of applicable patterns from which an analyst has to choose. The challenge is that identifying the most appropriate pattern for a situation can be cumbersome and time-consuming. We propose a new method that combines an inquiry-cycle based approach with the feature diagram notation to review only relevant patterns and quickly select the most appropriate patterns for the situation. Similar to patterns themselves, our approach captures expert knowledge to relate patterns based on decisions made by the pattern user. The resulting pattern hierarchies allow users to be guided through these decisions by questions, which introduce related patterns in order to help the pattern user select the most appropriate patterns for their situation, thus resulting in better requirement generation. We evaluate our approach using access control patterns in a pattern user study

    The Employment Security Program (With Special Reference to Tennessee Unemployment Insurance)

    Employment security was one of the major programs for which provision was made in the Social Security Act of 1935. Under its terms a tax program was instituted which encouraged the states to enact unemployment insurance laws and expand their employment services. The Act imposed a federal tax on the payrolls of subject employers against which such employers were permitted to offset the major part of the taxes which they paid under state unemployment insurance laws. Since employers in states which did not enact appropriate insurance laws were liable for the full federal tax, the states acted speedily to set up unemployment insurance programs. Within less than two years after the passage of the Social Security Act, unemployment insurance laws had been enacted by all 51 jurisdictions, including the 48 states, the District of Columbia, Alaska and Hawaii. It is the purpose of this study to examine briefly the federal role in this program, then to analyze in some detail the state phase with emphasis upon the organizational patterns, legal requirements, administrative procedures and precedents related to unemployment insurance operations

    Evaluating the use of remote sensing data in the U.S. Agency for International Development Famine Early Warning Systems Network

    The U.S. Agency for International Development (USAID)'s Famine Early Warning System Network (FEWS NET) provides monitoring and early warning support to decision makers responsible for responding to food insecurity emergencies on three continents. FEWS NET uses satellite remote sensing and ground observations of rainfall and vegetation in order to provide information on drought, floods, and other extreme weather events to decision makers. Previous research has presented results from a professional review questionnaire with FEWS NET expert end-users whose focus was to elicit Earth observation requirements. The review provided FEWS NET operational requirements and assessed the usefulness of additional remote sensing data. We analyzed 1342 food security update reports from FEWS NET. The reports consider the biophysical, socioeconomic, and contextual influences on the food security in 17 countries in Africa from 2000 to 2009. The objective was to evaluate the use of remote sensing information in comparison with other important factors in the evaluation of food security crises. The results show that all 17 countries use rainfall information, agricultural production statistics, food prices, and food access parameters in their analysis of food security problems. The reports display large-scale patterns that are strongly related to history of the FEWS NET program in each country. We found that rainfall data were used 84% of the time, remote sensing of vegetation 28% of the time, and gridded crop models 10% of the time, reflecting the length of use of each product in the regions. More investment is needed in training personnel on remote sensing products to improve use of data products throughout the FEWS NET system. (C) 2012 Society of Photo-Optical Instrumentation Engineers (SPIE). [DOI: 10.1117/1.JRS.6.063511