The Data Flow Diagram (DFD) is a methodology that can be applied to design an information system and even to model the behaviour of a whole organization. Its simple notation gives it the advantages of simplicity and popularity. However, it is semi-formal, which means it lacks a representation of semantics. It also does not consider the security features of the system. In this paper, we describe our newly proposed methodology, called FSDFD (Formal Secure Data Flow Diagram). The idea for this proposal arose from the increasing need of organizations to secure their information systems by producing a secure and formal design of each information system component. FSDFD will not only formally design more secure systems but will also automate some security activities, such as security audit, risk analysis and vulnerability assessment. Using FSDFD will thus let organizations reduce both the risk they bear and their security costs, and improve the security and assurance levels of their systems.