Abstract

Integrating Security Considerations smoothly into early life-cycle activities: uniform application of cost-benefit analyses to both functional, and security requrements; unified modeling approaches to integrate the engineering of both functional requirements and security requirements. The development of architectures and designs that are easier to adapt to rapidly evolving security policies, and approaches to facilitate the integration of security features into legacy systems. The invention of cogent, flexible economic models of adversary behaviour which can underly the rational design of software copy-protection and watermarking techniques in different application contexts. Better techniques for formulating desirable security properties, and the development of scalable, predictable, static ancl dynamic verification tools to evaluate the security of software systems. The development of automated, robust, flexible infra-structures for post-deployment system administration, that can adapt to the organization's confidentiality, non-repudiation, and trust-delegation requirements.