Security Functional Requirements for The Development of a Biometrics Attendance System

2020 8th International Conference on Information and Communication Technology (ICoICT) Pub Date : 2020-06-01 DOI:10.1109/ICoICT49345.2020.9166294

Rahmat Yasirandi, Parman Sukarno, MHD. Algiansyah, Emiya Fefayosa Br Tarigan

{"title":"Security Functional Requirements for The Development of a Biometrics Attendance System","authors":"Rahmat Yasirandi, Parman Sukarno, MHD. Algiansyah, Emiya Fefayosa Br Tarigan","doi":"10.1109/ICoICT49345.2020.9166294","DOIUrl":null,"url":null,"abstract":"The traditional validation process of the attendance system today still has myriad threats in its use. One of that is popularly known as the manipulation of attendance data (especially if using paper-based). This study aims to improve security during the validation system by designing a security document that can be used as a guide when developing an attendance system. After following each step in the common criteria framework, a security document will be generated later. The document is also commonly referred to as the Protection Profile (PP) of the document. PP documents can be used as a basic guide when a developer will build a product. Generally, products related to security aspects need this kind of guidance. By describing 6 threats which are divided into 6 Security Objectives (SO). 11 Security Functional Requirements (SFR) are needed to deal with the threat. And at the end of the section, it is illustrated the correlation each SFR has been able to overcome all threats. With every threat, SO, and SFR mapped.","PeriodicalId":113108,"journal":{"name":"2020 8th International Conference on Information and Communication Technology (ICoICT)","volume":"247 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 8th International Conference on Information and Communication Technology (ICoICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICoICT49345.2020.9166294","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

The traditional validation process of the attendance system today still has myriad threats in its use. One of that is popularly known as the manipulation of attendance data (especially if using paper-based). This study aims to improve security during the validation system by designing a security document that can be used as a guide when developing an attendance system. After following each step in the common criteria framework, a security document will be generated later. The document is also commonly referred to as the Protection Profile (PP) of the document. PP documents can be used as a basic guide when a developer will build a product. Generally, products related to security aspects need this kind of guidance. By describing 6 threats which are divided into 6 Security Objectives (SO). 11 Security Functional Requirements (SFR) are needed to deal with the threat. And at the end of the section, it is illustrated the correlation each SFR has been able to overcome all threats. With every threat, SO, and SFR mapped.

查看原文本刊更多论文

生物识别考勤系统开发的安全功能需求

传统的考勤系统验证过程在今天的使用中仍然存在着无数的威胁。其中之一是众所周知的考勤数据操纵(特别是使用纸质数据时)。本研究旨在设计一份安全文件，作为开发考勤系统的参考，以提高考勤验证系统的安全性。在遵循公共标准框架中的每个步骤之后，稍后将生成一个安全文档。该文件通常也被称为文件的保护概要文件(PP)。PP文档可以作为开发人员构建产品的基本指南。通常，与安全方面相关的产品都需要这种指导。通过描述6种威胁，将其分为6个安全目标(SO)。应对该威胁需要配置11 SFR (Security Functional Requirements)。在本节的最后，说明了每个SFR能够克服所有威胁的相关性。每一个威胁，SO和SFR都被映射出来了。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 8th International Conference on Information and Communication Technology (ICoICT)

自引率

0.00%

发文量