Abstract
M.Com. (Information systems)
This
study
has its origin in the
growing
need for
information
systems to be classified as
'secure'.
With the
increasing
use
of
Computer
Aided
Software
Engineering
(CASE)
tools
in
the design
of
application
systems for commercial use, the risks that exist in
terms
of
information
security
have
become
more prominent.
The
importance
of
considering
security
during the analysis and design
of
an
information
system, in
other
words,
on a logical level, is increasing daily. Usually
security
features
are
added
to
existing
application
systems on an
ad hoc
basis.
Security
design
activities
should
become
such an
integrated
part
of
systems
analysis and design activities on a logical level, that
a
complete
integration
of
the two fields,
security
and
computer
aided
software
engineering,
can be
achieved.
The aim
of
this
dissertation
is to
study
the
literature
to
discover
existing
approaches
to
this
integration,
and to
extract
the
strengths
from them and expand on
those
strengths
in
order
to
compile
an
approach
that
is
completely
implementable
in the form
of
a
prototype
data
flow
design tool (DFD
tool).
The
proposed
approach
to
the
secure
analysis and
design
of
an
application
system
of
a logical level, which is
presented
in
Chapter
4, is
designed
in
conjunction
with H.A.S.
Booysen
[Booysen,
Kasselman,
Eloff
- 1994].
Existing
CASE-tools
have also been studied by the
author
to
determine
their current
capabilities, especially in terms
of
security
definition activities, but also in
terms
of
their
support
to the
systems
analyst during the analysis and design phases
of
the
project
life
cycle
when
developing
a
target
application
system.