中文摘要：

在开发基于Internet的大型复杂软件系统时，应该在体系结构层次上考虑业务需求和安全需求，而安全需求的体系结构描述语言（SRADL）是研究和应用安全需求体系结构的基础．传统的体系结构描述语言没有专门针对安全需求的构件、连接件和体系结构风格的描述，因此，在体系结构层次上描述安全需求还比较困难．提出了一种基于XML的安全需求体系结构描述语言——XSSRA／ADL，它引入了安全构件、半安全构件、安全连接件、半安全连接件等设计单元，不仅能够描述安全需求的体系结构，而且也较好地解决了软件系统中业务需求与安全需求在高层的交互和依赖关系．另外，XSSRA／ADL采用数据互操作标准XML作为元语言，这使得它具有与其他ADL的互操作性，并便于支持系统的精化和演化．

英文摘要：

It is imperative to consider the functional requirements and the security requirements on architecture level when developing the large and complex software systems in Internet, and the security requirement architecture description language （SADL） is the foundation for researching and implementing the security requirement architecture. Because traditional architecture description languages have no direct component, connector and style for the security requirements, it is difficult to describe these security requirements on the architecture level. An XML-based software security requirement architecture description language （XSSRA/ADL） is presented, which, based on the traditional software architecture, puts forward some new fundamental units, such as security component, security connector, half-security component, half-security connector, and so on. XSSRA/ADL not only can describe the security architecture of software systems, but also can resolve the interaction and dependency between security requirements and other functional requirements on the architecture level of software systems. On the other hand, XSSRA/ADL adopts XML, the data inter-operation standard, as the meta-language, which enables it to have inter-operability with other ADLs, and to be convenient for supporting refinement and evolution of the system.