Specification and Design of Advanced Authentication and Authorisation Services
Dawson, Edward, Lopez, Javier, Montenegro, Jose, Okamoto, Eiji, & Vivas, Jose (2005) Specification and Design of Advanced Authentication and Authorisation Services. Computer Standards and Interfaces, 27(5), pp. 467-478.
A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
|Item Type:||Journal Article|
|Keywords:||Authentication, X.509 Certificates, PKI, Privacy, Business Process Model|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Format not elsewhere classified (080499)|
|Divisions:||Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
|Deposited On:||17 Jun 2009 12:57|
|Last Modified:||29 Feb 2012 13:13|
Repository Staff Only: item control page