Java移动代码的安全策略与Java应用程序需求之间的权衡分析

Proceedings. 11th IEEE International Requirements Engineering Conference, 2003. Pub Date : 2003-09-08 DOI:10.1109/ICRE.2003.1232785

H. Kaiya, Kouta Sasaki, Yasunori Maebashi, K. Kaijiri

{"title":"Java移动代码的安全策略与Java应用程序需求之间的权衡分析","authors":"H. Kaiya, Kouta Sasaki, Yasunori Maebashi, K. Kaijiri","doi":"10.1109/ICRE.2003.1232785","DOIUrl":null,"url":null,"abstract":"We propose a method for analyzing trade-off between security policies for Java mobile codes and requirements for Java application. We assume that mobile codes are downloaded from different sites, they are used in an application on a site, and their functions are restricted by security policies on the site. We clarify which functions to be performed under the policies on the site using our tool [H. Kaiya et al., (2002)]. We also clarify which functions are needed so as to meet the requirements for the application by goal oriented requirements analysis (GORA). By comparing functions derived from the policies and functions from the requirements, we find conflicts between the policies and the requirements, and also find vagueness of the requirements.","PeriodicalId":243621,"journal":{"name":"Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Trade-off analysis between security policies for Java mobile codes and requirements for Java application\",\"authors\":\"H. Kaiya, Kouta Sasaki, Yasunori Maebashi, K. Kaijiri\",\"doi\":\"10.1109/ICRE.2003.1232785\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose a method for analyzing trade-off between security policies for Java mobile codes and requirements for Java application. We assume that mobile codes are downloaded from different sites, they are used in an application on a site, and their functions are restricted by security policies on the site. We clarify which functions to be performed under the policies on the site using our tool [H. Kaiya et al., (2002)]. We also clarify which functions are needed so as to meet the requirements for the application by goal oriented requirements analysis (GORA). By comparing functions derived from the policies and functions from the requirements, we find conflicts between the policies and the requirements, and also find vagueness of the requirements.\",\"PeriodicalId\":243621,\"journal\":{\"name\":\"Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICRE.2003.1232785\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRE.2003.1232785","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

我们提出了一种分析Java移动代码安全策略与Java应用程序需求之间权衡的方法。我们假设移动代码是从不同的站点下载的，它们在站点上的应用程序中使用，并且它们的功能受到站点上安全策略的限制。我们使用我们的工具来澄清哪些功能是在网站政策下执行的。凯亚等，(2002)]。我们还通过面向目标的需求分析(GORA)来明确哪些功能是需要的，以满足应用程序的需求。通过比较策略衍生的功能和需求衍生的功能，我们发现了策略和需求之间的冲突，也发现了需求的模糊性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trade-off analysis between security policies for Java mobile codes and requirements for Java application

We propose a method for analyzing trade-off between security policies for Java mobile codes and requirements for Java application. We assume that mobile codes are downloaded from different sites, they are used in an application on a site, and their functions are restricted by security policies on the site. We clarify which functions to be performed under the policies on the site using our tool [H. Kaiya et al., (2002)]. We also clarify which functions are needed so as to meet the requirements for the application by goal oriented requirements analysis (GORA). By comparing functions derived from the policies and functions from the requirements, we find conflicts between the policies and the requirements, and also find vagueness of the requirements.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.

自引率

0.00%

发文量