期刊文献+

基于攻击树与Petri网的软件安全关注点建模 被引量:1

The Modeling of Software Security Concerns Based on Attack Tree and Petri Net
下载PDF
导出
摘要 为了构建更加安全的软件,搭建软件开发人员和安全专家之间的桥梁,软件安全关注点的建模受到越来越多的关注。针对攻击树和Petri网各自的建模优势,提出基于攻击树的Petri网模型,旨在对软件安全关注点中的安全威胁进行建模,并利用面向方面Petri网对模型进行缓解和分析,为软件开发人员提供简单直观且便于自动化分析的模型。 In order to establish a more secure software and build the bridge between software developers and security experts, the research on software security concerns modeling is becoming more and more impoitant. According to advantages of attack tree and of Petri nets separately, proposes the software security concerns modeling approach based on Petri net and attack tree, aims at modeling the security threat of software security concerns,and by using aspect-oriented petri nets to mitigate and analyse the model, provides a simple and intuitive modeling for software developers.
出处 《现代计算机(中旬刊)》 2014年第6期37-42,60,共7页 Modern Computer
关键词 软件安全 攻击树 PETRI网 软件安全关注点 建模 Software Security Attack Tree Petri Net Software Security Concerns Modeling
  • 相关文献

参考文献22

  • 1Gary McGraw. Software Security[J]. Security & Privacy,IEEE.2004,2(2) :80-83.
  • 2Rakesh Kumar, Dr.Hardeep Singh. Analysis of Information Systems Security Issues and Security Techniques[J]. Advanced Computer Research, 2012,2 ( 4 ) : 65 -68.
  • 3Inger Anne TCndel, Jostein Jensen, Lillian RCstad. Combining Misuse Cases with Attack Trees and Security Activity Models[C]. Pro- ceedings of the Fifth International Conference on Availability, Reliability and Security,2010:439-445.
  • 4H. Mouratidis, P. Giorgini, G. Manson. When Security Meets Software Engineering: A Case of Modelling Secure Information Systems. Information Systems, 2005,30 (8) : 609-629.
  • 5Maier M W, Emery D, Hilliard R. ANSI/IEEE 1471 and Systems Engineering[J]. Systems Engineering, 2004, 7 (3): 257-270.
  • 6A1-Fedaghi S, A1-Kanderi F. Integrating Security Concerns into Software Development[J]. International Journal of Security & Its Appli- cations, 2013,7(3) :235-248.
  • 7Gomaa H., Eonsuk Shin M., Modelling Complex Systems by Separating Application and Security Concerns[C]. Proceedings of the Ninth IEEE International Conference on Engineering Complex Computer Systems, 2004:19-28.
  • 8Basin D, Clavel M, Egea M. A Decade of Model-Driven Security[C]. Proceedings of the 16th ACM Symposium on Access Control Mod- els and Technologies. ACM, 2011:1-10.
  • 9Hussain S, Rasool G, Atef M, et al. A Review of Approaches to Model Security into Software Systems[J],2013,3(4) :642-647.
  • 10Djedjiga Mouheb, Chamseddine Talhi, Vitor Lima, et. al. Weaving Security Aspects into UML 2.0 Design Models[C]. Proceedings of the 13th Aspect-Oriented Modeling Workshop.Mar. 2, 2009. Charlottesville, Virginia, USA. pp.7-1 1.

二级参考文献9

  • 1江泽凡,王林章,李宣东,郑国梁.基于UML顺序图的测试方法[J].计算机科学,2004,31(7):131-136. 被引量:9
  • 2J(U)RJENS J,MUNICH T.UMLsec:Presenting the Profile[EB/OL].http://www.omg.org/news/meetings/work-shops/DOCsec-2002.Proceedings/01-2_Juergens_ UMLsec_ Tutorial.pdf/[2008-10-27].
  • 3LI Xiao-shan,LIU Zhi-ming,HE Ji-feng.A Formal Se-mantics of UML Sequence Diagram[C]//2004 Australian Software Engineering Conference(ASWEC' 04).Wash-ington; IEEE Computer Society DC,USA,2004.
  • 4ANDRADE E,MACIEL P,CALLOU G,et al.Mapping UML Sequence Diagram to Time Petri Net for Require-ment Validation of Embedded RealTime Systems with En-ergy Constraints[C]//SAC ' 09 March 812,Honolulu,Hawaill:U.S.A.New York:Proceeding of the 2009 ACM symposium on Applied lomputing,USA,2009.
  • 5JURJENS J,MUNICH T.Secure Software Architecture Description using UML[EB/OL].http://wiki.lassy.uni.lu/tiki-download file,php? fileld = 165/[2008-10-27].
  • 6BEST B,J(U)RJENS J,NUSEIBEH B.Model-based Secu-rity Engineering of Distributed Information Systems using UMLsec[C]//IEE Computer Society.ICSE 2007.29th International Conference on Software Engineering.Wash-ington; IEEE,2007:581-590.
  • 7CHEN Feng,LI Wei-hua,FANG Ding-yi,et al.Re-search on Integration of Safety Analysis in Model-Driven Software Development[C]// IEEE Computer Society.2009 Fifth International Conference on Information Assur-ance and Security.Xi'an:IEEE,2009.
  • 8李景峰,陈平.基于Z规范的统一建模语言序列图语义分析方法[J].西安电子科技大学学报,2003,30(4):519-524. 被引量:3
  • 9李青山,褚华,陈平.基于进程代数的UML序列图的形式语义[J].计算机科学,2004,31(4):173-175. 被引量:4

共引文献3

同被引文献10

引证文献1

二级引证文献16

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部