QUT ePrints

Specification and Design of Advanced Authentication and Authorisation Services

Dawson, Edward, Lopez, Javier , Montenegro, Jose , Okamoto, Eiji , & Vivas, Jose (2005) Specification and Design of Advanced Authentication and Authorisation Services. Computer Standards and Interfaces, 27(5), pp. 467-478.

View at publisher

Abstract

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.

Impact and interest:

16 citations in Scopus
Search Google Scholar™
13 citations in Web of Science®

Citation countsare sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

ID Code: 21737
Item Type: Journal Article
Keywords: Authentication, X.509 Certificates, PKI, Privacy, Business Process Model
DOI: 10.1016/j.csi.2005.01.005
ISSN: 0920-5489
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Format not elsewhere classified (080499)
Divisions: Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Deposited On: 17 Jun 2009 22:57
Last Modified: 29 Feb 2012 23:13

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page