Embedding Security Functionality In Formal Specifications Of Requirements

The methodology in this paper will let designers specify the security properties defined through the functional families of the ISO/IEC 15408 Standard, graphic representations.  This blueprint will allow both business and technical participants, to discuss and refine a common solution.  It also serves as a roadmap, to guide the implementation process. We feel this can become a useful supporting methodology for the construction of effective security responses, because it ensures both the widest possible participation in the design process as well as the greatest degree of understanding.  The fact that the advice of the world’s experts is readily available and easy to use as a result of this process might also serve to make the mission to protect America’s information assets a little more effective.