Abstract:
It is imperative to consider the functional requirements and the security requirements on architecture level when developing the large and complex software systems in Internet, and the security requirement architecture description language (SADL) is the foundation for researching and implementing the security requirement architecture. Because traditional architecture description languages have no direct component, connector and style for the security requirements, it is difficult to describe these security requirements on the architecture level. An XML-based software security requirement architecture description language (XSSRA/ADL) is presented, which, based on the traditional software architecture, puts forward some new fundamental units, such as security component, security connector, half-security component, half-security connector, and so on. XSSRA/ADL not only can describe the security architecture of software systems, but also can resolve the interaction and dependency between security requirements and other functional requirements on the architecture level of software systems. On the other hand, XSSRA/ADL adopts XML, the data inter-operation standard, as the meta-language, which enables it to have inter-operability with other ADLs, and to be convenient for supporting refinement and evolution of the system.