Functional and Non-Functional Requirements of Information Security
Ensuring system security through examination of exceptional and alternate flows
Keywords:
functional requirements, non-functional requirements, information security, security design, development projects, base flows, exceptional flows, alternate flows, attack vectors, insecure state, security mechanisms, audit logs, IDS tools, security exceptions
Abstract
A fundamental principle in security design is to plan for failure. Development projects are mainly focused on the base flows of the system, since these implement the features that carry business value. From a security standpoint, however, exceptional and alternate flows highlight paths that often become attack vectors once the system is deployed. These flows are worth examination by Information Security to ensure that the system is not likely to enter an insecure state, and to identify areas in which to deploy security mechanisms such as audit logs and IDS tools to catch security exceptions when they occur.
Published
2012-05-01
Issue
Section
Articles