230 likes | 265 Views
Learn about the TJX incident, the largest credit card theft in history, and explore the importance of capturing, organizing, and reusing knowledge of non-functional requirements (NFRs) to prevent such incidents. This paper presents a pattern approach for managing NFR knowledge.
E N D
Sam Supakkul1 Tom Hill2 Ebenezer Akin Oladimeji3 Lawrence Chung1 1The University of Texas at Dallas 2 EDS, an HP company 3 Verizon Communications Capturing, Organizing, and Reusing Knowledge of NFRs:An NFR Pattern Approach
Security = “bad things to be prevented” * The TJX incident, the largest credit card theft in history • To prevent such incident, we need to know: • Meaning of credit card security? • Problems suffered by TJX? • Root causes of those problems? • Mitigation alternatives of the problems and their causes? • Choosing and developing the mitigations with consideration of other organizational needs? * C. Haley and B. Nuseibeh, IEEE TSE, 2008
Difficult to get technical details from case reports The TJX case attack scenario • Developed after: • reading over 30 articles • studying computer security • educated assumptions Problem: Lack of security knowledge
Problem: Difficult to possess necessary NFRs related knowledge
Goal Pattern Name: FISMA Security Objectives Objective: refine Security Domain: <none> Model: Known uses: FISMA, US military Goal pattern captures a definition of an NFR
Problem pattern Name: TJX Security Problems Domain: Objective: break Privacy[Payment card info] Model: Experiences: TJX Problem pattern captures an undesirable situation that can hurt an NFR
Causal Attribution Pattern Name: Unauthorized Server Access Causes Domain: <none> Objective: make Unauthorized Access [Server] Model: Experiences: TJX Causal Attribution pattern captures causes and root causes of a problem
Problem classification Undesirable situation Undesirable operation Vulnerability
Problem mitigation classification Prevent/limit the effect on the goal Undesirable situation Prevent the operation from causing the undesirable situation Undesirable operation Prevent the operation from being realized Vulnerability Change environment to that with more acceptable risks
Solution Alternatives Pattern Name: Unauthorized Server Access Mitigation Domain: <none> Objective: hurt Unauthorized access [server] Model: Experiences: Name: Masquerading User Login Mitigation Domain: <none> Objective: break Masquerading user login Model: Experiences: Name: Clear text ID/password Mitigation Domain: <none> Objective: break Clear text ID/password Mitigation Model: Experiences:
Alternatives Selection Pattern select select select Name: Usability Driven Unauthorized Server Access Mitigation Domain: Objective: select Unauthorized Server Access Mitigation, Masquerading User Login Mitigation, Clear Text ID/Password Mitigation Model: Experiences:
Result of a selection pattern Goal Pattern Problem Pattern Casual Pattern Alternatives Patterns project Selection Pattern
Requirements Pattern What are requirements?
Requirements Requirement Specification Program World Machine Assumption Requirements “requirements that indicate what the customer needs from the system, described in terms of its effect on the environment” [Gunter, Gunter, Jackson, Zave, IEEE Software 2000] Problem Frames Specifications Requirements Requirements [R. Seater, D. Jackson, IWAAPF’06] Goals assignable to agents in the software-to-be [van Lamsweerde, ICSE00]
Requirements Pattern Name: Strong password requirements Domain: Objective: make Non-dictionary password, Frequently changed password Model: Experiences:
Pattern specialization • Properties • Specialization of context/topic • More restrictive content
Pattern aggregation Pre-assembled patterns into an aggregate pattern -Ready-to-use -More cohesive knowledge -Narrower applicability • Manual application of multiple patterns • Know which patterns to use • Know which order to apply • But flexible
Pattern classification/meta-pattern [Supakkul, Hill, Oladimeji, Chung, PLoP09]
Pattern operations Search operation Apply operation Examples of the apply operation
Conclusion • Contributions • Capturing and reusing different kinds of NFR knowledge using patterns • Organization of patterns along the 3 dim. • Future work • More precise definition of the concepts • Tool support to verify the concepts • More case studies to validate the general applicability for other NFRs
Capturing, Organizing, and Reusing Knowledge of NFRs:An NFR Pattern Approach Sam Supakkul1 Tom Hill2 Ebenezer Akin Oladimeji3 Lawrence Chung1 1The University of Texas at Dallas 2 EDS, an HP company 3 Verizon Communications Thank you