Fuzzy description of security requirements for intrusion tolerant web-services
Performing security analysis in the early stages of web-services development is a major engineering trend. However, it is not always possible to entirely identify and mitigate the security threats within the web-service. This may eventually lead to security failure of the service. To avoid secu...
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
The Society of Digital Information and Wireless Communications (SDIWC)
2013
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/41333/1/41333.pdf |
| _version_ | 1825949765557288960 |
|---|---|
| author | Mougouei, Davoud Wan Ab. Rahman, Wan Nurhayati |
| author_facet | Mougouei, Davoud Wan Ab. Rahman, Wan Nurhayati |
| author_sort | Mougouei, Davoud |
| collection | UPM |
| description | Performing security analysis in the early stages of
web-services development is a major engineering
trend. However, it is not always possible to entirely
identify and mitigate the security threats within the
web-service. This may eventually lead to security
failure of the service. To avoid security failure, the
web-service must tolerate the possible intrusions.
Intrusion tolerance must be incorporated in the security requirements of the service. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Services (ITS) using fuzzy logic. We care for intrusion tolerance in to the security requirements of the web service through considering partial satisfaction of security goals. This partiality is addressed through establishment of a Goal-Based Fuzzy Grammar (GFG) for describing Security Requirement Model (SRM) of the ITS. |
| first_indexed | 2024-03-06T08:49:36Z |
| format | Conference or Workshop Item |
| id | upm.eprints-41333 |
| institution | Universiti Putra Malaysia |
| language | English |
| last_indexed | 2024-03-06T08:49:36Z |
| publishDate | 2013 |
| publisher | The Society of Digital Information and Wireless Communications (SDIWC) |
| record_format | dspace |
| spelling | upm.eprints-413332015-11-04T07:47:29Z http://psasir.upm.edu.my/id/eprint/41333/ Fuzzy description of security requirements for intrusion tolerant web-services Mougouei, Davoud Wan Ab. Rahman, Wan Nurhayati Performing security analysis in the early stages of web-services development is a major engineering trend. However, it is not always possible to entirely identify and mitigate the security threats within the web-service. This may eventually lead to security failure of the service. To avoid security failure, the web-service must tolerate the possible intrusions. Intrusion tolerance must be incorporated in the security requirements of the service. In this paper, we propose a new technique toward description of security requirements of Intrusion Tolerant Services (ITS) using fuzzy logic. We care for intrusion tolerance in to the security requirements of the web service through considering partial satisfaction of security goals. This partiality is addressed through establishment of a Goal-Based Fuzzy Grammar (GFG) for describing Security Requirement Model (SRM) of the ITS. The Society of Digital Information and Wireless Communications (SDIWC) 2013 Conference or Workshop Item NonPeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/41333/1/41333.pdf Mougouei, Davoud and Wan Ab. Rahman, Wan Nurhayati (2013) Fuzzy description of security requirements for intrusion tolerant web-services. In: The Second International Conference on Cyber Security, Cyber Warfare and Digital Forensic, 4-6 Mar. 2013, Kuala Lumpur, Malaysia. (pp. 141-147). http://sdiwc.net/digital-library/web-admin/upload-pdf/00000548.pdf |
| spellingShingle | Mougouei, Davoud Wan Ab. Rahman, Wan Nurhayati Fuzzy description of security requirements for intrusion tolerant web-services |
| title | Fuzzy description of security requirements for intrusion tolerant web-services |
| title_full | Fuzzy description of security requirements for intrusion tolerant web-services |
| title_fullStr | Fuzzy description of security requirements for intrusion tolerant web-services |
| title_full_unstemmed | Fuzzy description of security requirements for intrusion tolerant web-services |
| title_short | Fuzzy description of security requirements for intrusion tolerant web-services |
| title_sort | fuzzy description of security requirements for intrusion tolerant web services |
| url | http://psasir.upm.edu.my/id/eprint/41333/1/41333.pdf |
| work_keys_str_mv | AT mougoueidavoud fuzzydescriptionofsecurityrequirementsforintrusiontolerantwebservices AT wanabrahmanwannurhayati fuzzydescriptionofsecurityrequirementsforintrusiontolerantwebservices |