Goal-oriented security requirements analysis for a system used in several different activities

Haruhiko Kaiya, Takao Okubo, Nobuyuki Kanaya, Yuji Suzuki, Shinpei Ogata, Kenji Kaijiri, Nobukazu Yoshioka

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

4 Citations (Scopus)

Abstract

Because an information system is used in different activities simultaneously today, we have to analyze usages of the system in the existing activities and to-be usages in an intended activity together. Especially, security aspects should be carefully analyzed because existing activities are not always secure. We propose a security requirements analysis method for resolving this problem. To take both existing and intended activities into account together, we integrate them on the basis of the unification of common actors. To explore possible attacks under integrated activities, we enumerate achievable attacks on the basis of the possible means in each actor with the help of security knowledge. To avoid or mitigate the attacks and to achieve fundamental goals, we disable some means or narrow down the means to be monitored with the help of propositional logic formulae. Through case studies on insurance business, we illustrated our idea.

Original language: English
Title of host publication: Advanced Information Systems Engineering Workshops - CAiSE 2013 International Workshops, Proceedings
Publisher: Springer Verlag
Pages: 478-489
Number of pages: 12
ISBN (Print): 9783642384899
Publication status: Published - 2013
Externally published: Yes
Event: 25th Conference on Advanced Information Systems Engineering, CAiSE 2013 - Valencia, Spain
Duration: 2013 Jun 17 to 2013 Jun 21

Publication series

Name: Lecture Notes in Business Information Processing
Volume: 148 LNBIP
ISSN (Print): 1865-1348

Conference

Conference: 25th Conference on Advanced Information Systems Engineering, CAiSE 2013
Country/Territory: Spain
City: Valencia
Period: 13/6/17 to 13/6/21

Keywords

  • Goal-Oriented Requirements Analysis
  • Logic
  • Security Requirements Analysis
  • Strategic Dependency

ASJC Scopus subject areas

  • Management Information Systems
  • Control and Systems Engineering
  • Business and International Management
  • Information Systems
  • Modelling and Simulation
  • Information Systems and Management
