Universiti Teknologi Malaysia Institutional Repository

Systematic secure design guideline to improve integrity and availability of system security

Krishnan, Ashvini Devi (2013) Systematic secure design guideline to improve integrity and availability of system security. Masters thesis, Universiti Teknologi Malaysia, Faculty of Computing.

Full text not available from this repository.

Official URL: http://dms.library.utm.my:8080/vital/access/manage...

Abstract

Security is the most important dimension to the systems that involves processing and interchange of confidential information. Therefore it is a must to be designed so that they achieved a high level at security. Security specification languages can be used to represent security specification such as attack specification or to be more precise about who can do what and when, and this can be achieved by enforcing access control. The suitable approach to enforce access control is Role- Based Access Control (RBAC). Only secureUML metamodel is using RBAC as security mechanism. However, secureUML metamodel does not indicate the properties of supporting basic security requirements which focusing on integrity and availability, and even the consideration of situation that leads to different possible attacks. The objective of this dissertation is to propose a systematic secure design guideline by enhancing secureUML metamodel. The enhancement is performed by integrating with protection-levels of secured layers which provides protection for the critical assets in various layers to support integrity and availability and to identify possible internal threats based on scenario by using Step-by-Step Secure Design Guideline (3SDG). In order to use the enhanced secureUML metamodel for designing a secure system, it needs to follow 3SDG to identify and validate system process. 3SDG is a guideline which is formed by integrating Comprehensive, Lightweight Application Security Process (CLASP) design steps and Sommerville’s security guideline which most suitable design guideline. Both guidelines are mainly focuses on designing secure system. By using the enhanced secureUML metamodel with 3SDG in a case study, it ables to show the solution for selected internal threats to improve integrity and Availability. This will help security designer provide protection to the computer which the system runs, application and records from threats. This model and the guideline will able to help to design more persistence secure system to maintain security from internal attacks

Item Type:Thesis (Masters)
Additional Information:Thesis (Sarjana Sains (Sains Komputer)) - Universiti Teknologi Malaysia, 2013 ; Supervisor : Dr. Dayang Norhayati Abang Jawawi
Uncontrolled Keywords:security, confidential information, Role- Based Access Control (RBAC)
Subjects:Q Science > QA Mathematics > QA76 Computer software
Divisions:Computing
ID Code:41731
Deposited By: Haliza Zainal
Deposited On:08 Oct 2014 02:20
Last Modified:29 Jun 2020 01:10

Repository Staff Only: item control page