To secure information systems, the security risks and requirements must be clearly understood before the proper security mechanisms can be identified and designed. Today’s security requirement specifications are generally incomplete and narrowly focused, which leads to ineffective security designs of information systems. The author asserts that multiple views—management, threat, resource, process, assessment, and legal—of information systems provides an opportunity for a better understanding of security risks and requirements. In this paper, the author proposes a six-view perspective of a system security framework to identify a more complete set of security risks and requirements. The proposed framework presents a synergistic view of the system security in which the author presents an extensive list of heuristics/guidelines under each view, discussing security issues, risks, and requirements. Through a case study, the authors shows that a multiple view perspective of system security is effective in determining a more complete set of security requirements than the traditional approach of focusing on threats alone.
TopI. Introduction
The purpose of this paper is to propose a multi-view perspective framework for determining security requirements of an information system. The cyberspace age and Internet-based highly interactive environments are exposing more and more business operations and applications to the outside world (users, hackers, and compliance agencies etc.) as well as to the inside world (employees) (Savage, 2006). The complex business environment is necessitating a totally new view of system security. More and more security researchers and professionals (Straub, 1998; Dhillon, 2001; Levine, 2001; Whitman, 2005) have been recognizing that the system security should include not just the technical issues but also the other issues such as management, people, and process issues. There is high demand on businesses to deal with business process vulnerability, weakness in assessment and management activities, and legal requirements. This has increased the need for maintaining and securing a variety of information such as process, assessment, and legal information in addition to securing the traditional information about payroll and customers. Inadequate management structure, vulnerable business processes, or poor assessment criteria can have as much dire consequences as poor access controls, if not more. Since a system typically interacts with and is continuously exposed to the outside world (users, employees, hackers, etc.), one has to also be concerned with the ongoing assessment and management of system security. In order to develop a secure application, a complete picture of security risks and requirements should be understood before the proper security mechanisms can be identified and designed into the application. Secure application is an application that has been developed from the ground up with security mechanisms designed and built into it. In this paper we address three research questions: 1) What should security requirements be? 2) Can a scheme be devised to help identify a more complete set of security requirements that takes into account not only risks from standard threats but also risks from other sources such as process vulnerability, poor assessment, and inadequate policies? 3) How does the scheme help identify the security requirements and mechanisms? In answer to the first question, we argue that the scope of security in today’s complex business environment is far broader and multi-faceted and we propose a more comprehensive view of security requirements. In answer to the second question, we develop a multiple-perspective framework to help identify a more complete set of security requirements. We then apply the framework to a case study to show that the framework helps identify a more complete set of security requirements.
Today’s security requirement specifications are generally incomplete and narrowly focused. This results into an ineffective security design of an information system. In this paper we take a broader and a more synergistic view of system security. We assert that managers and system analysts need to look at the various aspects of system security simultaneously in order to have a more complete assessment of a situation and security needs. We propose a six-view perspective of system security that provides a more complete and unified depiction of different aspects of security while presenting an extensive list of heuristics and guidelines under each view. Under a unified view of system security, the analysis of security issues, risks, and requirements under each view is done within the context of all views. Each view of the perspective emphasizes and focuses on one aspect of system security. Each view also facilitates the identification of security requirements that must be met in order to address the issues under that view.
Section 2 discusses the current literature on system security. Section 3 presents the proposed six-view perspective of system security. Section 4 demonstrates the applicability of the six-view perspective of system security. The paper presents the contribution, limitation, and conclusion sections followed by the reference section.