Capturing, Organizing, and Reusing Knowledge of NFRs: An NFR Pattern Approach
Sam Supakkul (1), Tom Hill (2), Ebenezer Akin Oladimeji (3), Lawrence Chung (1)
(1) The University of Texas at Dallas; (2) EDS, an HP company; (3) Verizon Communications
Page 2
Security = “bad things to be prevented” (C. Haley and B. Nuseibeh, IEEE TSE, 2008)
[Figure labels: Hacker in a parking lot outside a Marshalls store in Miami; Co-conspirators in Europe]
• 45.7 million stolen credit cards
• Class-action lawsuit by nearly 300 affected banks
• Cost TJX $1 billion over 5 years excluding lawsuit
To prevent such an incident, we need to know:
• Meaning of credit card security?
• Problems suffered by TJX?
• Root causes of those problems?
• Mitigation alternatives of the problems and their causes?
• Choosing and developing the mitigations with consideration of other organizational needs?
The TJX incident, the largest credit card theft in history
Page 3
Difficult to get technical details from case reports
[Figure: network diagram. Labels: Hacker in a parking lot outside a Marshalls store in Miami; Co-conspirators in Europe; Internet; TJX Corporate Network; Retail Transaction System; TJX Store Wi-Fi; WEP; Customer; Cashier; Back Office User; ID / Password]
1. A hacker broke WEP encryption to access the wireless network
2. The hacker masqueraded as a valid user using intercepted ID and password
3. The hacker transferred files containing credit card info to his laptop and to co-conspirators in Europe
The TJX case attack scenario
Developed after:
• reading over 30 articles
• studying computer security
• educated assumptions
Problem: Lack of security knowledge
Page 4
Problem: Difficult to possess necessary NFRs related knowledge
[Figure. Axis and region labels: Domain Independent; Domain Specific; Goal; Means; Requirements; Running System; Problem; Solution. Items placed in the figure:]
• security = confidentiality, integrity, and availability?
• 2-factor authentication?
• WEP hacking
• remote user masquerading
• security modeled as goals
• architecture and design for 2-factor authentication
• strong passwords?
• general definition of security
• problem frames for 2-factor authentication
• security = confidentiality?
• 2-factor authentication?
• strong passwords?
• specific definition of security for credit card industry
Page 5
A solution: Applying NFRs knowledge captured as patterns
[Figure: an Initial Requirements Model and a Final Requirements Model, with thumbnails labelled Goal Pattern, Problem Pattern, Causal Attribution Pattern, Alternatives Pattern, Selection Pattern and Requirements Pattern between them. Labels legible in the thumbnails:]
• Security [Payment card information]; Confidentiality (eql); Privacy (eql)
• TJX problems [Payment card info]; Unauthorized access [Intranet (Computing facility)]; Unauthorized access [Server (Computing facility)]; Malicious transfer [Payment card info]
• Unauthorized access [server]; Masquerading user login; Transmission of ID and password in clear text is easily interceptable
• Reset compromised passwords; Disable compromised user accounts; Two-factor authentication; Password + token; Password + biometrics; Password encryption; RADIUS or TACACS user authentication
• Confidentiality [Corporate Server]; Secure passwords; Strong passwords; Non-dictionary words; Frequently changed passwords; User education, training, enforcement; ID/password encryption; Stored ID/password encryption; Transmitted ID/password encryption
• RSA ACE server with SecurID tokens; Vasco Digipass; CRYPTOcard KT-1
• Availability [Server]; Usability [Server]; Usability; Cost; Availability [Authentication]; Availability [Authentication Server]; Availability [Token]; Availability [Synchronized token]; Availability [Token operating life]
• Interoperability [other software]; Interoperability [Unix login/SSH]; Interoperability [Web login/Apache, IIS]; Interoperability [VPN]; Interoperability [LDAP]; Interoperability [Windows login]
Questions posed on the slide:
• Meaning of security?
• TJX problems?
• Causes of problems?
• Alternatives?
• Tradeoffs?
• Requirements, specifications?
• Modeling?
Page 6
Goal Pattern
Name: FISMA Security Objectives
Objective: refine Security
Domain: <none>
Model: [Figure: FISMA Security Objectives. Goals shown: Security; Integrity, Confidentiality, Availability; Privacy, Proprietary; Authenticity, Non-repudiation; Timeliness, Reliability. A "refine" link is attached to Security.]
Known uses: FISMA, US military
Legend: NFR goal; AND Decomp.; OR Decomp.; Design domain
Goal pattern captures a definition of an NFR
Page 7
Problem pattern
Name: TJX Security Problems
Domain:
Objective: break Privacy [Payment card info]
Model: [Figure: TJX Credit Card Theft. Labels: TJX security compromises [Payment card info]; Unauthorized access [Intranet (Computing facility)]; Unauthorized access [Server (Computing facility)]; Malicious transfer [Payment card info]; Financial; Payment Card]
Experiences: TJX
Problem pattern captures an undesirable situation that can hurt an NFR
Legend: NFR goal; AND Decomp.; OR Decomp.; Design domain; Given domain; Topic/Context; Domain Interface; Undesirable Situation
Page 8
Causal Attribution Pattern
Name: Unauthorized Server Access Causes
Domain: <none>
Objective: make Unauthorized Access [Server]
Model: [Figure: Unauthorized Server Access Causes]
Experiences: TJX
Causal Attribution pattern captures causes and root causes of a problem
Legend: NFR goal; AND Decomp.; OR Decomp.; Design domain; Given domain; Topic/Context; Machine; Agent; Function; Function Reference; Domain Interface; Vulnerability; Undesirable Situation; Undesirable Operation
Contribution: ++ Make; + Help; - Hurt; -- Break
Page 9
Problem classification
Unauthorized Server Access Causes
Undesirable situation
Undesirable operation
Vulnerability
Page 10
Problem mitigation classification
Unauthorized Server Access Causes
[Figure: the problem classes Undesirable situation, Undesirable operation and Vulnerability, and the goal Privacy [Credit Card Information], annotated with the mitigation classes:]
• Change environment to that with more acceptable risks
• Prevent the operation from being realized
• Prevent the operation from causing the undesirable situation
• Prevent/limit the effect on the goal
Page 11
Solution Alternatives Pattern

Name: Unauthorized Server Access Mitigation
Domain: <none>
Objective: hurt Unauthorized access [server]
Model: [Figure: Unauthorized Server Access Mitigation. Labels: Unauthorized access [server]; Reset compromised passwords; Disable compromised user accounts; Availability [Server]; Usability [Server]; Cost]
Experiences:

Name: Masquerading User Login Mitigation
Domain: <none>
Objective: break Masquerading user login
Model: [Figure: Masquerading User Login Mitigation. Labels: Masquerading user login; Two-factor authentication; Password + token; Password + biometrics; Usability [Server]; Cost]
Experiences:

Name: Clear text ID/password Mitigation
Domain: <none>
Objective: break Clear text ID/password Mitigation
Model: [Figure: Clear text ID/password Mitigation. Labels: Transmission of ID and password in clear text is easily interceptable; Password encryption; RADIUS or TACACS remote authentication protocol; Cost]
Experiences:
Page 12
Alternatives Selection Pattern
Name: Usability Driven Unauthorized Server Access Mitigation
Domain:
Objective: select Unauthorized Server Access Mitigation, Masquerading User Login Mitigation, Clear Text ID/Password Mitigation
Model: [Figure: Usability Driven Unauthorized Server Access Mitigation. Labels: Usability; Cost; Two-factor authentication; Password + token. Three "select" links are shown, together with the Unauthorized Server Access Mitigation, Masquerading User Login Mitigation and Clear text ID/password Mitigation models repeated from the Solution Alternatives Pattern slide.]
Experiences:
Page 13
Result of a selection pattern
[Figure: models repeated from the earlier slides (FISMA Security Objectives; TJX Credit Card Theft; Unauthorized Server Access Causes; Unauthorized Server Access Mitigation; Masquerading User Login Mitigation; Clear text ID/password Mitigation; Usability Driven Unauthorized Server Access Mitigation), shown with the labels Goal Pattern, Problem Pattern, Causal Pattern, Alternatives Patterns and Selection Pattern, and a "project" link. Additional labels: Confidentiality [Corporate Server]; Securing ID and passwords; Unauthorized access [Corporate Server]; Masquerade [Remote login using ID/password]]
Page 14
Requirements Pattern
What are requirements?
Page 15
Requirements: Goals assignable to agents in the software-to-be [van Lamsweerde, ICSE00]
[Figure: goal model with nodes marked Requirements and Assumption. Goals: Safe [Transport]; Maintain [WCS distance between trains]; Maintain [Track segment speed limit]; Avoid [Train entering closed gate]; Maintain [Safe speed/acceleration commanded]; Maintain [Safe command to following train based on speed/position estimates]; Maintain [No sudden stop of preceding train]; Maintain [Safe train response to command]]
Requirements: “requirements that indicate what the customer needs from the system, described in terms of its effect on the environment” [Gunter, Gunter, Jackson, Zave, IEEE Software 2000]
[Figure: W R S P M. Labels: World; Requirement; Specification; Program; Machine]
Problem Frames: Requirements, Specifications [R. Seater, D. Jackson, IWAAPF’06]
Page 16
Requirements Pattern
Name: Strong password requirements
Domain:
Objective: make Non-dictionary password, Frequently changed password
Model: [Figure labels: Unauthorized server access cost driven selection; Strong passwords; Non-dictionary passwords; Frequently changed passwords; Maintain passwords - internal dictionary; Maintain passwords - external dictionary; Password periodic change reminder/enforcer; Time Performance; Maintainability; Maintain [passwords]; Maintain [periodically changed passwords]; Achieve [password change reminder]; Maintain [password using internal dictionary]; Maintain [password using external dictionary]]
Experiences:
Page 17
Pattern organization
[Figure: three dimensions of pattern organization: Classification / Instantiation; Generalization / Specialization; Aggregation / Decomposition. Patterns shown: FISMA Security Definition; PCI Security Definition; TJX Security Objectives Pattern; TJX Security Threats Pattern; Unauthorized Access Mitigations Pattern; TJX Security Pattern; Security Threat Mitigation Meta-Pattern; Unauthorized Server Access Mitigation Pattern; Malicious Data Transfer Mitigation Pattern]
Page 18
Pattern specialization
[Figure: FISMA Security Objectives. Goals: Security [Information]; Integrity; Confidentiality; Availability; Privacy; Proprietary; Authenticity; Non-repudiation; Timeliness; Reliability]
[Figure: PCI Security Objectives. Goals: Security [Payment card information]; Confidentiality (eql); Privacy (eql)]
Topic labels: Information; Payment Card Information
Properties
• Specialization of context/topic
• More restrictive content
Page 19
Pattern aggregation
[Figure: TJX Security Pattern. Labels: Card Data Environment; PCI Security Objectives [Credit Card Information]; TJX Threats; TJX Threat Causes; Unauthorized Server Access Mitigation; Unauthorized Intranet Access Mitigation; Malicious Data Transfer Mitigation; Two-Factor Problem Frame; Two-Factor Use Cases. Links are marked S+, S- and ++.]
[Figure: the pattern thumbnails from the slide "A solution: Applying NFRs knowledge captured as patterns", repeated: Goal Pattern, Problem Pattern, Causal Attribution Pattern, Alternatives Pattern, Selection Pattern and Requirements Pattern, between the Initial Requirements Model and the Final Requirements Model]
Manual application of multiple patterns
- Know which patterns to use
- Know which order to apply
- But flexible
Pre-assembled patterns into an aggregate pattern
- Ready-to-use
- More cohesive knowledge
- Narrower applicability
Page 20
Pattern classification/meta-pattern
[Figure: Security Mitigation Meta-Pattern. Labels: context; problem; solution; forces; asset; Undesirable outcome [Asset]; Threat; Vulnerability. Three Instance-of links, with the patterns Unauthorized Intranet Access Mitigation, Unauthorized Server Access Mitigation and Malicious Data Transfer Mitigation]
[Supakkul, Hill, Oladimeji, Chung, PLoP09]
Page 21
Pattern operations
Search operation
[Figure: search. Labels: Pattern Catalog; Topic; Results]
Apply operation
[Figure: apply. Labels: M; M’; P]
Examples of the apply operation
[Figure: the pattern thumbnails from the slide "A solution: Applying NFRs knowledge captured as patterns", repeated: Goal Pattern, Problem Pattern, Causal Attribution Pattern, Alternatives Pattern, Selection Pattern and Requirements Pattern, between the Initial Requirements Model and the Final Requirements Model]
Page 22
Conclusion
• Contributions
- Capturing and reusing different kinds of NFR knowledge using patterns
- Organization of patterns along the 3 dimensions
• Future work
- More precise definition of the concepts
- Tool support to verify the concepts
- More case studies to validate the general applicability for other NFRs