@article{oai:soar-ir.repo.nii.ac.jp:00012554,
 author = {Kaiya,  H and Sasaki,  K and Kaijiri,  K},
 journal = {Progress in Informatics},
 month = {Apr},
 note = {Users and providers of an information system should clearly understand the threats caused by the system as well as clarify the requirements for it before they actually use or develop it. In particular, they should be more careful when certain components or services are provided by third-parties. However, few tools can help identify and highlight threats to the security requirements. In this paper, we present a support tool called “PORTAM” for such users and providers to better understand the threats and the requirements. Suppose some requirements cannot be satisfied when some threats are avoided, and vice versa. In such cases, they should decide whether the requirements could be satisfied or the threats avoided. The tool also helps them to decide these kinds of trade-offs. The current version of this tool handles Java mobile code applications, thus users of our tool can readily understand the existence of real threats. Although the current version deals with only Java components, the ideas behind the tool can be applied to software in general. We complete this report by discussing some experimental results to confirm the usefulness for pedagogical purposes., Article, Progress in Informatics. 5:7-18 (2008)},
 pages = {7--18},
 title = {PORTAM: policy, requirements, and threats analyzer for mobile code applications.},
 volume = {5},
 year = {2008}
}