Part of the book series: Lecture Notes in Computer Science (LNSC, volume 3655)
Abstract
Integrating security concerns throughout the whole software development process is one of today’s challenges in software and requirements engineering research, and one that has so far proved difficult to meet.
The major difficulty is that providing security requires not only solving technical problems but also reasoning about the organization as a whole. This makes traditional software engineering methodologies difficult or unsatisfactory to use: most proposals focus on the protection aspects of security and deal explicitly with low-level protection mechanisms, and only a handful of them can capture high-level organizational security requirements without getting immediately bogged down in security protocols or cryptographic algorithms.
In this paper we critically review the state of the art in security requirements engineering and discuss the motivations that led us to propose the Secure Tropos methodology, a formal framework for modelling and analyzing security that enhances the agent-oriented software development methodology i*/Tropos. We illustrate the Secure Tropos approach and a comprehensive case study, and discuss some later refinements of the Secure Tropos methodology that address some of its shortcomings. Finally, we introduce the ST-Tool, a CASE tool that supports our methodology.
This article provides a survey of the research material described in [25,26,27,28].
References
Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic Databases. In: Proc. of VLDB 2002, pp. 143–154. Morgan Kaufmann, San Francisco (2002)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: An Implementation of P3P Using Database Technology. In: Bertino, E., Christodoulakis, S., Plexousakis, D., Christophides, V., Koubarakis, M., Böhm, K., Ferrari, E. (eds.) EDBT 2004. LNCS, vol. 2992, pp. 845–847. Springer, Heidelberg (2004)
Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley Computer Publishing, Chichester (2001)
Antòn, A.I., Earp, J.B.: A requirements taxonomy for reducing Web site privacy vulnerabilities. Requirements Eng 9(3), 169–185 (2004)
Antòn, A.I., Earp, J.B., Reese, A.: Analyzing Website privacy requirements using a privacy goal taxonomy. In: Proc. of RE 2002, pp. 23–31. IEEE Press, Los Alamitos (2002)
Aura, T.: On the Structure of Delegation Networks. In: Proc. of 1998 CSFW, pp. 14–26. IEEE Press, Los Alamitos (1998)
Backes, M., Karjoth, G., Bagga, W., Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proc. of SAC 2004 (2004)
Backes, M., Pfitzmann, B., Schunter, M.: A Toolkit for Managing Enterprise Privacy Policies. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 162–180. Springer, Heidelberg (2003)
Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., Perini, A.: TROPOS: An Agent-Oriented Software Development Methodology. JAAMAS 8(3), 203–236 (2004)
Castelfranchi, C., Falcone, R.: Principles of trust for MAS: Cognitive anatomy, social importance and quantification. In: Proc. of ICMAS 1998, pp. 72–79. IEEE Press, Los Alamitos (1998)
Chung, L.K., Nixon, B.A., Yu, E., Mylopoulos, J.: Non-Functional Requirements in Software Engineering. Kluwer Publishing, Dordrecht (2000)
Cranor, L., Langheinrich, M., Marchiori, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Recommendation (April 2002)
Crook, R., Ince, D., Lin, L., Nuseibeh, B.: Security Requirements Engineering: When Anti-requirements Hit the Fan. In: Proc. of RE 2002, pp. 203–205. IEEE Press, Los Alamitos (2002)
DeTreville, J.: Binder, a logic-based security language. In: Proc. of 2002 IEEE Symp. on Sec. and Privacy, pp. 95–103. IEEE Press, Los Alamitos (2002)
Devanbu, P.T., Stubblebine, S.G.: Software engineering for security: a roadmap. In: Proc. of ICSE 2000, pp. 227–239 (2000)
Doan, T., Demurjian, S., Ting, T.C., Ketterl, A.: MAC and UML for secure software design. In: Proc. of FMSE 2004, pp. 75–85. ACM Press, New York (2004)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. TISSEC 4(3), 224–274 (2001)
Fredriksen, R., Kristiansenand, M., Stølen, B.A.G.K., Opperud, T.A., Dimitrakos, T.: The CORAS framework for a model-based risk management process. In: Anderson, S., Bologna, S., Felici, M. (eds.) SAFECOMP 2002. LNCS, vol. 2434, pp. 94–105. Springer, Heidelberg (2002)
Fuxman, A., Liu, L., Pistore, M., Roveri, M., Mylopoulos, J.: Specifying and analyzing early requirements: Some experimental results. In: Proc. of RE 2003. IEEE Press, Los Alamitos (2003)
Gans, G., Jarke, M., Kethers, S., Lakemeyer, G.: Modeling the Impact of Trust and Distrust in Agent Networks. In: Proc. of AOIS 2001, pp. 45–58 (2001)
Gelfond, M., Lifschitz, V.: The stable model semantics for logic programming. In: Proc. of the 5th Int. Conf. on Log. Prog., pp. 1070–1080. MIT Press, Cambridge (1988)
Giorgini, P., Massacci, F., Mylopoulos, J.: Requirement Engineering meets Security: A Case Study on Modelling Secure Electronic Transactions by VISA and Mastercard. In: Song, I.-Y., Liddle, S.W., Ling, T.-W., Scheuermann, P. (eds.) ER 2003. LNCS, vol. 2813, pp. 263–276. Springer, Heidelberg (2003)
Giorgini, P., Massacci, F., Mylopoulos, J., Siena, A., Zannone, N.: ST-Tool: A CASE Tool for Modeling and Analyzing Trust Requirements. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 415–419. Springer, Heidelberg (2005)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Filling the gap between Requirements Engineering and Public Key/Trust Management Infrastructures. In: Katsikas, S.K., Gritzalis, S., López, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 98–111. Springer, Heidelberg (2004)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Requirements Engineering meets Trust Management: Model, Methodology, and Reasoning. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds.) iTrust 2004. LNCS, vol. 2995, pp. 176–190. Springer, Heidelberg (2004)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling Security Requirements Through Ownership, Permission and Delegation. In: Proc. of RE 2005 (2005) (to appear)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modelling Social and Individual Trust in Requirements Engineering Methodologies. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 161–176. Springer, Heidelberg (2005)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: ST-Tool: A CASE Tool for Security Requirements Engineering. In: Proc. of RE 2005 (2005) (to appear)
Guessoum, Z., Ziane, M., Faci, N.: Monitoring and Organizational-Level Adaptation of Multi-Agent Systems. In: Proc. of AAMAS 2004, pp. 514–521. ACM Press, New York (2004)
Hannoun, M., Sichman, J.S., Boissier, O., Sayettat, C.: Dependence Relations between Roles in a Multi-Agent System: Towards the Detection of Inconsistencies in Organization. In: Sichman, J.S., Conte, R., Gilbert, N. (eds.) MABS 1998. LNCS (LNAI), vol. 1534, pp. 169–182. Springer, Heidelberg (1998)
He, Q., Antón, A.I.: A Framework for Modeling Privacy Requirements in Role Engineering. In: Proc. of the 9th Int. Workshop on Requirements Eng.: Found. for Software Quality, pp. 137–146 (2003)
Jaeger, T., Prakash, A.: Requirements of role-based access control for collaborative systems. In: Proc. of 1st ACM Workshop on Role-Based Access Control, pp. 53–64. ACM Press, New York (1995)
Jones, A.J.I., Sergot, M.J.: A Formal Characterisation of Institutionalised Power. J. of the Interest Group in Pure and Appl. Log. 4(3), 429–445 (1996)
Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2004)
Kaminka, G.A., Pynadath, D.V., Tambe, M.: Monitoring Teams by Overhearing: A Multi-Agent Plan-Recognition Approach. JAIR 17, 83–135 (2002)
Karjoth, G., Schunter, M., Waidner, M.: Platform for Enterprise Privacy Practices: Privacy-enabled Management of Customer Data. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 69–84. Springer, Heidelberg (2003)
Li, N., Grosof, B.N., Feigenbaum, J.: Delegation logic: A logic-based approach to distributed authorization. TISSEC 6(1), 128–171 (2003)
Li, N., Mitchell, J.C., Winsborough, W.H.: Design of A Role-based Trust-management Framework. In: Proc. of 2002 IEEE Symp. on Sec. and Privacy, pp. 114–130. IEEE Press, Los Alamitos (2002)
Lin, L.-C., Nuseibeh, B., Ince, D., Jackson, M., Moffett, J.: Analysing Security Threats and Vulnerabilities Using Abuse Frames. Technical Report 2003/10, The Open University (2003)
Liu, L., Yu, E.S.K., Mylopoulos, J.: Security and Privacy Requirements Analysis within a Social Setting. In: Proc. of RE 2003, pp. 151–161. IEEE Press, Los Alamitos (2003)
Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)
Massacci, F., Prest, M., Zannone, N.: Using a Security Requirements Engineering Methodology in Practice: The compliance with the Italian Data Protection Legislation. Comp. Standards & Interfaces 27(5), 445–455 (2005); An extended version is available as Technical report DIT-04-103 at eprints.biblio.unitn.it
McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: Proc. of ACSAC 1999, pp. 55–66. IEEE Press, Los Alamitos (1999)
Mouratidis, H., Giorgini, P., Manson, G.: Modelling secure multiagent systems. In: Proc. of AAMAS 2003, pp. 859–866. ACM Press, New York (2003)
Nwana, H.: Software agents: An overview. Knowledge Engineering Review J 11(3) (1996)
Osborn, S., Sandhu, R., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. TISSEC 3(2), 85–106 (2000)
Ponemon, L.: What Keeps Security Professionals Up At Night? (April 2003), http://www.darwinmag.com/read/040103/threats.html
Ray, I., Li, N., France, R., Kim, D.-K.: Using UML to visualize role-based access control constraints. In: Proc. of SACMAT 2004, pp. 115–124. ACM Press, New York (2004)
Samarati, P., di Vimercati, S.D.C.: Access Control: Policies, Models, and Mechanisms. In: FOSAD 2001/2002. LNCS, vol. 2946, pp. 137–196. Springer, Heidelberg (2001)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comp. 29(2), 38–47 (1996)
Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requirements Eng. 10(1), 34–44 (2005)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Prentice-Hall, Englewood Cliffs (1999)
Syrjänen, T.: Lparse 1.0: User’s Manual. Helsinki University of Technology (2000)
Toval, A., Olmos, A., Piattini, M.: Legal requirements reuse: a critical success factor for requirements quality and personal data protection. In: Proc. of RE 2002, pp. 95–103. IEEE Press, Los Alamitos (2002)
Tryfonas, T., Kiountouzis, E., Poulymenakou, A.: Embedding security practices in contemporary information systems development approaches. Inform. Management and Comp. Sec. 9, 183–197 (2001)
van Gelder, A.: The alternating fixpoint of logic programs with negation. In: Proc. of PODS 1989, pp. 1–10. ACM Press, New York (1989)
van Lamsweerde, A., Brohez, S., De Landtsheer, R., Janssens, D.: From System Goals to Intruder Anti-Goals: Attack Generation and Resolution for Security Requirements Engineering. In: Proc. of RHAS 2003, pp. 49–56 (2003)
van Lamsweerde, A., Letier, E.: Handling Obstacles in Goal-Oriented Requirements Engineering. TSE 26(10), 978–1005 (2000)
Viega, J., McGraw, G.: Building Secure Software. Addison-Wesley, Reading (2001)
Yu, E.S.K.: Agent-Oriented Modelling: Software versus the World. In: Wooldridge, M.J., Weiß, G., Ciancarini, P. (eds.) AOSE 2001. LNCS, vol. 2222, pp. 206–225. Springer, Heidelberg (2002)
Zave, P.: Classification of research efforts in requirements engineering. CSUR 29(4), 315–321 (1997)
Author information
Authors and Affiliations
Department of Information and Communication Technology, University of Trento, Italy
Paolo Giorgini, Fabio Massacci & Nicola Zannone
Editor information
Editors and Affiliations
Istituto di Scienze e Tecnologie dell’Informazione, Università degli Studi di Urbino “Carlo Bo”, Piazza della Repubblica 13, 61029, Urbino, Italy
Alessandro Aldini
Dipartimento di Scienze dell’Informazione, Università di Bologna, Mura A. Zamboni, 7, 40127, Bologna, Italy
Roberto Gorrieri
IIT CNR, Pisa, via Moruzzi, 1, 56125, Pisa, Italy
Fabio Martinelli
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Giorgini, P., Massacci, F., Zannone, N. (2005). Security and Trust Requirements Engineering. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds) Foundations of Security Analysis and Design III. FOSAD 2005, FOSAD 2004. Lecture Notes in Computer Science, vol 3655. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11554578_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28955-5
Online ISBN: 978-3-540-31936-8
eBook Packages: Computer Science, Computer Science (R0)