IMSA - Intra Model Security Assurance

Qiang Zhi⁺, Shuichiro Yamamoto, and Shuji Morisaki
 

Nagoya University, Nagoya, Aichi, 464-8601, Japan
zhiqiang0728@gmail.com, syamamoto@acm.org, morisaki@is.nagoya-u.ac.jp 

Abstract

Security assurance cases for architecture diagrams are developed independently by using traditional approaches. This paper proposes a new method, Intra Model Security Assurance, IMSA, approach to develop both security assurance cases and architectures in the same diagrams by using ArchiMate. IMSA enables to efficiently assure security by reducing the cognition and operation gaps caused by manipulating different diagrams such as security assurance cases and architecture diagrams. The effectiveness of the proposed method is also showed by experimental evaluation. According to the experimental results, proposed approach is superior to traditional approach for assuring security.

Keywords: Security case, Assurance case, Intra Model Security Assurance, Enterprise Architecture,
ArchiMate.

+: Corresponding author: Qiang Zhi
Room 566, South Building of Integrated Build, Graduate School of Informatics, Nagoya University, Furo-cho, Chikusa-ku, Nagoya, Aichi, 464-8601, Japan, Tel: +81-052-789-5989

Journal of Internet Services and Information Security (JISIS), 8(2): 18-32, May 2018
DOI: 10.22667/JISIS.2018.05.31.018 [pdf]