An Evaluation of Security Requirements Based on the Capability Model
Summary :
This paper studies the evaluation of information flow and access guard mechanism in information system, based on process requirements occured at business and security requirements which prohibit information leakage to subjects of "conflict of interest". For the evaluation, process requirements are described by read, append matrix of subject row and object column (S-O matrix), and then the S-O matrix is evaluated by security requirements. The method of the evaluation is the following, (1) it is prohibited that two conflicting subjects can directly read or append to each other's objects, (2) a subject that have a possibility of information leakage must be observed.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E74-A No.8 pp.2160-2165
- Publication Date
- 1991/08/25
- Publicized
- Online ISSN
- DOI
- Type of Manuscript
- Special Section PAPER (Special Issue on Cryptography and Information Security)
- Category
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Tetsuya MORIZUMI, Hiroshi NAGASE, Toyofumi TAKENAKA, Koichi YAMASHITA, "An Evaluation of Security Requirements Based on the Capability Model" in IEICE TRANSACTIONS on Fundamentals,
vol. E74-A, no. 8, pp. 2160-2165, August 1991, doi: .
Abstract: This paper studies the evaluation of information flow and access guard mechanism in information system, based on process requirements occured at business and security requirements which prohibit information leakage to subjects of "conflict of interest". For the evaluation, process requirements are described by read, append matrix of subject row and object column (S-O matrix), and then the S-O matrix is evaluated by security requirements. The method of the evaluation is the following, (1) it is prohibited that two conflicting subjects can directly read or append to each other's objects, (2) a subject that have a possibility of information leakage must be observed.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/e74-a_8_2160/_p
Copy
@ARTICLE{e74-a_8_2160,
author={Tetsuya MORIZUMI, Hiroshi NAGASE, Toyofumi TAKENAKA, Koichi YAMASHITA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={An Evaluation of Security Requirements Based on the Capability Model},
year={1991},
volume={E74-A},
number={8},
pages={2160-2165},
abstract={This paper studies the evaluation of information flow and access guard mechanism in information system, based on process requirements occured at business and security requirements which prohibit information leakage to subjects of "conflict of interest". For the evaluation, process requirements are described by read, append matrix of subject row and object column (S-O matrix), and then the S-O matrix is evaluated by security requirements. The method of the evaluation is the following, (1) it is prohibited that two conflicting subjects can directly read or append to each other's objects, (2) a subject that have a possibility of information leakage must be observed.},
keywords={},
doi={},
ISSN={},
month={August},}
Copy
TY - JOUR
TI - An Evaluation of Security Requirements Based on the Capability Model
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2160
EP - 2165
AU - Tetsuya MORIZUMI
AU - Hiroshi NAGASE
AU - Toyofumi TAKENAKA
AU - Koichi YAMASHITA
PY - 1991
DO -
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E74-A
IS - 8
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - August 1991
AB - This paper studies the evaluation of information flow and access guard mechanism in information system, based on process requirements occured at business and security requirements which prohibit information leakage to subjects of "conflict of interest". For the evaluation, process requirements are described by read, append matrix of subject row and object column (S-O matrix), and then the S-O matrix is evaluated by security requirements. The method of the evaluation is the following, (1) it is prohibited that two conflicting subjects can directly read or append to each other's objects, (2) a subject that have a possibility of information leakage must be observed.
ER -
English
