Fuzzy description of security requirements for intrusion tolerant web-services

Citation

Mougouei, Davoud and Wan Ab. Rahman, Wan Nurhayati (2013) Fuzzy description of security requirements for intrusion tolerant web-services. In: The Second International Conference on Cyber Security, Cyber Warfare and Digital Forensic, 4-6 Mar. 2013, Kuala Lumpur, Malaysia. (pp. 141-147).

Abstract

Performing security analysis in the early stages of web-services development is a major engineering trend. However, it is not always possible to entirely identify and mitigate the security threats within the web-service. This may eventually lead to security failure of the service. To avoid security failure, the web-service must tolerate the possible intrusions. Intrusion tolerance must be incorporated in the security requirements of the service. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Services (ITS) using fuzzy logic. We care for intrusion tolerance in to the security requirements of the web service through considering partial satisfaction of security goals. This partiality is addressed through establishment of a Goal-Based Fuzzy Grammar (GFG) for describing Security Requirement Model (SRM) of the ITS.

Download File

PDF
41333.pdf
Restricted to Repository staff only
Download (732kB)

Official URL or Download Paper: http://sdiwc.net/digital-library/web-admin/upload-...

Additional Metadata

Item Type:	Conference or Workshop Item (Paper)
Divisions:	Faculty of Computer Science and Information Technology
Publisher:	The Society of Digital Information and Wireless Communications (SDIWC)
Keywords:	Web-service; Security goal; Intrusion tolerance; GoalBased fuzzy grammar
Depositing User:	Nursyafinaz Mohd Noh
Date Deposited:	04 Nov 2015 07:47
Last Modified:	04 Nov 2015 07:47
URI:	http://psasir.upm.edu.my/id/eprint/41333
Statistic Details:	View Download Statistic

Actions (login required)

View Item