Abstract
This paper proposes using both formal and structured
informal arguments to show that an eventual realized
system can satisfy its security requirements. These
arguments, called 'satisfaction arguments', consist of two
parts: a formal argument based upon claims about
domain properties, and a set of informal arguments that
justify the claims. Building on our earlier work on trust
assumptions and security requirements, we show how
using satisfaction arguments assists in clarifying how a
system satisfies its security requirements, in the process
identifying those properties of domains that are critical to
the requirements.
Users
Please
log in to take part in the discussion (add own reviews or comments).