Abstract
The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at an organizational level (as opposed to a design level) is still an open problem. This paper presents a formal framework for modeling and analyzing security and trust requirements. It extends the Tropos methodology, an agent-oriented software engineering methodology. The key intuition is that in modeling security and trust, we need to distinguish between the actors that manipulate resources, accomplish goals or execute tasks, and the actors that own those resources or goals. To analyze an organization and its information systems, we proceed in two steps. First, we build a trust model, determining the trust relationships among actors; then we give a functional model, where we analyze the actual delegations against the trust model, checking whether an actor that offers a service is authorized to have it.
The formal framework allows for the automatic verification of security and trust requirements by using a suitable delegation logic that can be mechanized within Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.
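As an added illustration (not code from the paper, and not its formalization): a naive Datalog-style fixpoint in Python that first closes the trust model and then checks each delegation and each offered service against it. The predicate names, the assumed transitivity of trust, and the health-care facts are constructed for this example.

```python
"""Check a functional (delegation) model against a trust model with a naive
bottom-up Datalog evaluation. Predicates, rules and facts are assumptions
made for this example; they are not the paper's own rules or case study."""


def fixpoint(facts, rules):
    """Apply every rule to the database until no new fact is derived."""
    db = set(facts)
    while True:
        derived = set().union(*(rule(db) for rule in rules)) - db
        if not derived:
            return db
        db |= derived


def sel(db, pred):
    """Tuples of the given predicate, with the predicate name stripped."""
    return [f[1:] for f in db if f[0] == pred]


def trust_transitive(db):
    # trust(A,C,S) :- trust(A,B,S), trust(B,C,S).   (assumed transitive)
    return {("trust", a, c, s) for a, b, s in sel(db, "trust")
            for b2, c, s2 in sel(db, "trust") if (b2, s2) == (b, s)}


def owner_has(db):
    # has(A,S) :- owner(A,S).   The owner is always authorized for S.
    return {("has", a, s) for a, s in sel(db, "owner")}


def delegated_has(db):
    # has(B,S) :- has(A,S), delegate(A,B,S), trust(A,B,S).
    # A delegation confers authorization only if it is backed by trust.
    return {("has", b, s) for a, s in sel(db, "has")
            for a2, b, s2 in sel(db, "delegate")
            if (a2, s2) == (a, s) and ("trust", a, b, s) in db}


RULES = [trust_transitive, owner_has, delegated_has]


def analyze(facts):
    """Return (unauthorized offers, untrusted delegations).
    Negation is evaluated only after the positive fixpoint (stratified)."""
    db = fixpoint(facts, RULES)
    bad_offers = sorted((a, s) for a, s in sel(db, "offers")
                        if ("has", a, s) not in db)
    bad_delegs = sorted((a, b, s) for a, b, s in sel(db, "delegate")
                        if ("trust", a, b, s) not in db)
    return bad_offers, bad_delegs


HEALTH_CARE = {  # constructed sample facts
    ("owner", "patient", "medical_record"),
    ("trust", "patient", "hospital", "medical_record"),
    ("trust", "hospital", "clinician", "medical_record"),
    ("delegate", "patient", "hospital", "medical_record"),
    ("delegate", "hospital", "clinician", "medical_record"),
    ("delegate", "hospital", "insurer", "medical_record"),
    ("offers", "clinician", "medical_record"),
    ("offers", "insurer", "medical_record"),
}

if __name__ == "__main__":
    print(analyze(HEALTH_CARE))
```

The hospital's delegation to the insurer has no trust relationship behind it, so the insurer's offer of the record is flagged while the clinician's is accepted through the patient-hospital-clinician chain.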
This work has been partially funded by the IST programme of the EU Commission, FET under the IST-2001-37004 WASP project and by the FIRB programme of MIUR under the RBNE0195K5 ASTRO Project. We would like to thank the anonymous reviewers for useful comments.
© 2004 Springer-Verlag Berlin Heidelberg
Cite this paper
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N. (2004). Requirements Engineering Meets Trust Management. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds) Trust Management. iTrust 2004. Lecture Notes in Computer Science, vol 2995. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24747-0_14
DOI: https://doi.org/10.1007/978-3-540-24747-0_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21312-3
Online ISBN: 978-3-540-24747-0