Specification and Design of Advanced Authentication and Authorization Services

TitleSpecification and Design of Advanced Authentication and Authorization Services
Publication TypeJournal Article
Year of Publication2005
AuthorsJ. Lopez, J. A. Montenegro, J. L. Vivas, E. Okamoto, and E. Dawson
JournalComputer Standards & Interfaces
Volume27
Number5
Pagination467-478
Date PublishedJun 2005
PublisherElsevier
ISSN Number0920-5489
Abstract

A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering. Empirical studies show that it is common at the business process level that customers and end users are able to express their security needs. Among the security needs of Internet applications, authentication and authorization services are outstanding and, sometimes, privacy becomes a parallel requirement. In this paper, we introduce a methodology for the specification of security requirements and use a case study to apply our solution. We further detail the resulting system after extending it with an Authentication and Authorization Infrastructure.

DOI10.1016/j.csi.2005.01.005
Citation Keyjavierlopez2005c
Paper File: 
https://www.nics.uma.es/sites/default/files/papers/javierlopez2005c.pdf

Supported by