Satoh et al.
A model including the platform information required for creating security policies. These ideas make authentication configuration possible without understanding the platform-specific information, such as the federation of the security domain and the relationships of trust between the servers.
Specurity Aspects
Name
Description
Aims to ensures the correct authentication of the users if necessary and defines the required tokens to do so.
Specification Elements
Name
Description
Defines for an enitity in the system (e.g., a class) for which callers the authentication is required.
Defines for method to trust an intermediary who propagates identities.
Security Aspects
Authentication
Aims to ensures the correct authentication of the users if necessary and defines the required tokens to do so.- Specification Elements:
- Authentication
- Trust Method
- Threats:
- Information Disclosure
- Spoofing
- Tampering with Data
Specification Elements
Authentication
Defines for an enitity in the system (e.g., a class) for which callers the authentication is required.- Applies to:
- Entity
Trust Method
Defines for method to trust an intermediary who propagates identities.- Applies to:
- Activity