1,193 research outputs found
Using problem frames with distributed architectures: a case for cardinality on interfaces
Certain classes of problems amenable to description
using Problem Frames, in particular ones intended to be
implemented using a distributed architecture, can benefit
by the addition of a cardinality specification on the
domain interfaces. This paper presents an example of
such a problem, demonstrates the need for relationship
cardinality, and proposes a notation to represent
cardinality on domain interfaces
Recommended from our members
Going on-line on a shoestring: An experiment in concurrent development of requirements and architecture
A number of on-line applications were built for a small university using a micro-sized development team. Four ideas were tested during the project: the Twin Peaks development model, using fully functional prototypes in the requirements elicitation process, some core practices of Extreme Programming, and the use of open-source software in a production environment. Certain project management techniques and their application to a micro-sized development effort were also explored. These ideas and techniques proved effective in developing many significant Internet and networked applications in a short time and at very low cost
Using Problem Frames and projections to analyze requirements for distributed systems
Subproblems in a problem frames decomposition frequently make use of projections of the complete problem context. One specific use of projec-tions occurs when an eventual implementation will be distributed, in which case a subproblem must interact with (use) the machine in a projection that represents another subproblem. We refer to subproblems used in this way as services, and propose an extension to projections to represent services as a spe-cial connection domain between subproblems. The extension provides signifi-cant benefits: verification of the symmetry of the interfaces, exposure of the machine-to-machine interactions, and prevention of accidental introduction of shared state. The extension’s usefulness is validated using a case study
Arguing Security: A Framework for Analyzing Security Requirements
When considering the security of a system, the analyst must simultaneously work with two types of properties: those that can be shown to be true, and those that must be argued as being true. The first consists of properties that can be demonstrated conclusively, such as the type of encryption in use or the existence of an authentication scheme. The second consists of things that cannot be so demonstrated but must be considered true for a system to be secure, such as the trustworthiness of a public key infrastructure or the willingness of people to keep their passwords secure. The choices represented by the second case are called trust assumptions, and the analyst should supply arguments explaining why the trust assumptions are valid.
This thesis presents three novel contributions: a framework for security requirements elicitation and analysis, based upon the construction of a context for the system; an explicit place and role for trust assumptions in security requirements; and structured satisfaction arguments to validate that a system can satisfy the security requirements. The system context is described using a problem-centered notation, then is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and structured informal arguments supporting the assumptions exposed during argument construction. If one cannot construct a convincing argument, designers are asked to provide design information to resolve the problems and another pass is made through the framework to verify that the proposed solution satisfies the requirements. Alternatively, stakeholders are asked to modify the goals for the system so that the problems can be resolved or avoided. The contributions are evaluated by using the framework to do a security requirements analysis within an air traffic control technology evaluation project
Recommended from our members
Arguing satisfaction of security requirements
This chapter presents a process for security requirements elicitation and analysis,
based around the construction of a satisfaction argument for the security of a
system. The process starts with the enumeration of security goals based on assets
in the system, then uses these goals to derive security requirements in the form of
constraints. Next, a satisfaction argument for the system is constructed, using a
problem-centered representation, a formal proof to analyze properties that can be
demonstrated, and structured informal argumentation of the assumptions exposed
during construction of the argument. Constructing the satisfaction argument can
expose missing and inconsistent assumptions about system context and behavior
that effect security, and a completed argument provides assurances that a system
can respect its security requirements
Arguing security: validating security requirements using structured argumentation
This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements
A framework for security requirements engineering
This paper presents a framework for security requirements
elicitation and analysis, based upon the construction of a context for the system and satisfaction arguments for the security of the system. One starts with enumeration of security goals based on assets in the system. These goals are used to derive security requirements in the form of constraints. The system context is described using a problem-centered notation, then this context is
validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and a structured informal argument supporting the assumptions expressed in the formal argument. The construction
of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context, or that the context does not contain sufficient information to develop the argument. In this case, designers and architects are asked to provide additional design information to resolve the problems
The Television Showrunner: A Case Study Analysis of Insecure and Fleabag
In light of the rise in video-on-demand (VOD) services, television has exploded in popularity on an international scale, eclipsing its predecessor of movies. This phenomenon has been further heightened by the COVID-19 pandemic as audiences flocked to their television screens during Stay-At-Home orders. Specifically, Netflix received 15 million more subscribers since mid- March, 2.3 million more Americans subscribed to Netflix since March, and broadcast television viewing has jumped by 8.3 million viewers (Fitzgerald). With the demand for high-quality entertainment, the role of the television creator/showrunner has become increasingly important, as this individual or pair of individuals is tasked with maintaining the vision of a television series. In turn, this paper will explore the role of the showrunner through two case studies: Phoebe Waller-Bridge, creator/showrunner of Fleabag, and Prentice Penny, showrunner of Insecure. Particularly, it will examine this role during the development, pre-production, production, and post-production stages through various interviews with professionals in these fields. It will also discuss the different challenges and tasks that these showrunners face, especially as Waller-Bridge and Penny are both the heads of 30-minute, comedic, socially conscious, and women-driven series. In turn, this research may shed light on shifting industry practices, what showrunning may look like post-COVID-19, and how showrunners can continue to bring awareness to various social justice issues through innovative storytelling methods
The Magic of Permutation Matrices: Categorizing, Counting and Eigenspectra of Magic Squares
Permutation matrices play an important role in understand the structure of
magic squares. In this work, we use a class of symmetric permutation matrices
than can be used to categorize magic squares. Many magic squares with a high
degree of symmetry are studied, including classes that are generalizations of
those categorized by Dudeney in 1917. We show that two classes of such magic
squares are singular and the eigenspectra of such magic squares are highly
structured. Lastly, we prove that natural magic squares of singly-even order of
these classes do note exist.Comment: 26 page
Still the Long Journey: Thoughts Concerning the State of Afro-American History
Now that Afro-American history is within the mainstream of scholarly discourse, it has become important to take a serious look at the contributions that the last three decades have produced. Of course, that would take more time than I have today, but it may be useful to talk of the latest developments and what they portend for future studies in the discipline and how they have affected my own research and thinking. The areas that I would like to look at today concern the revision of the recent past, the re-emphasis of the centrality of Afro-American history, and the evolving use of gender in recent studies.
From a presentation given by Professor Banner-Haley at a forum at the University of Massachusetts Boston on February 22, 1990
- …