Abstract
The consideration of security requirements in the development of multi-agent systems is a very difficult task. However, only few approaches have been proposed that try to integrate security issues as internal part of the development process. Amongst them, secure Tropos has been proposed as a structured approach towards the consideration of security issues in the development of multiagent systems. In this paper we enhance secure Tropos by integrating to its stages: (i) a process for selecting amongst alternative architectural styles using as criteria the security requirements of the system; (ii) a pattern-based approach to transform security requirements to design, and (iii) a security attack scenarios approach to test the developed solution. The electronic single assessment process (eSAP) case study is used to illustrate our approach.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., Perini, A.: TROPOS: An Agent-Oriented Software Development Methodology. Journal of Autonomous Agents and Multi-Agent Systems 8(3), 203–236 (2004)
Castro, J., Kolp, M., Mylopoulos, J.: Towards Requirements-Driven Information Systems Engineering: The Tropos project. In: Information Systems, vol. (27), pp. 365–389. Elsevier, The Netherlands, Amsterdam (2002)
Devanbu, P., Stubblebine, S.: Software Engineering for Security: a Roadmap. In: Proceedings of the conference of The future of Software engineering (2000)
Giorgini, P., Mylopoulos, J., Nicchiarelli, E., Sebastiani, R.: Reasoning with Goal Models. In: Spaccapietra, S., March, S.T., Kambayashi, Y. (eds.) ER 2002. LNCS, vol. 2503, p. 167. Springer, Heidelberg (2002)
Huget, M.-P.: Nemo: An Agent-Oriented Software Engineering Methodology. In: Proceedings of OOPSLA Workshop on Agent-Oriented Methodologies, John Debenham, Brian Henderson-Sellers, Nicholas Jennings and James Odell, Seattle, USA (November 2002)
Jennings, N.R., Wooldridge, M.: Agent–Oriented Software Engineering. In: Garijo, F.J., Boman, M. (eds.) MAAMAW 1999. LNCS, vol. 1647. Springer, Heidelberg (1999)
Kolp, M., Giorgini, P., Mylopoulos, J.: A Goal-Based Organizational Perspective on Multi-Agent Architectures. In: Meyer, J.-J.C., Tambe, M. (eds.) ATAL 2001. LNCS (LNAI), vol. 2333, p. 128. Springer, Heidelberg (2002)
Kosters, G., Pagel, B.U., Winter, M.: Coupling Use Cases and Class Models. In: Proceedings of the BCS-FACS/EROS workshop on Making Object Oriented Methods More Rigorous, Imperial College, London (1997)
Lehtonen, S., Pärssinen, J.: A Pattern Language for Cryptographic Key Management. In: Proceedings of the 7th European Conference on Pattern Languages of Programs (EuroPLoP), Irsee, Germany (June 2002)
Liu, L., Yu, E., Mylopoulos, J.: Analyzing Security Requirements as Relationships Among Strategic Actors. In: 2nd Symposium on Requirements Engineering for Information Security (SREIS 2002), Raleigh, North Carolina (2002)
Mouratidis, H., Giorgini, P., Manson, G., Philp, I.: A Natural Extension of Tropos Methodology for Modelling Security. In: Proceedings of the Agent Oriented Methodologies Workshop (OOPSLA 2002), Seattle, USA (November 2002)
Mouratidis, H.: A Secuirty Oriented Approach in the Development of Multiagent Systems: Applied to the Management of the Health and Social Care Needs of Older People in England. PhD thesis, University of Sheffield (2004)
Mouratidis, H., Giorgini, P., Manson, G.: Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems. In: Eder, J., Missikoff, M. (eds.) CAiSE 2003. LNCS, vol. 2681. Springer, Heidelberg (2003)
Mouratidis, H., Giorgini, P., Manson, G.: Modelling secure multiagent systems. In: Proceedings of the Second International Joint Conference on Autonomous Agents & Multiagent Systems, AAMAS 2003, Melbourne, Victoria, Australia, July 14-18, pp. 859–866. ACM, New York (2003)
Mouratidis, H., Giorgini, P., Schumacher, M., Manson, M.: Security Patterns for Agent Systems. In: Proceedings of the Eight European Conference on Pattern Languages of Programs (EuroPLoP), Irsee, Germany (June 2003)
Mouratidis, H., Philp, I., Manson, G.: A Novel Agent-Based System to Support the Single Assessment Process for Older People. Journal of Health Informatics 3(9), 149–163 (2003)
National Research Council, Computer At Risk: Safe Computing in the Information Age, National Academy Press, Washington, D.C., USA (1991)
Norman, L., Kert, J., Vlissides, M., Coplien, J.-O.: Pattern Languages of Program Design 2. Addison Wesley Publishing, Reading (1996)
Schumacher, M., Roedig, R.: Security Engineering with Patterns. In: Proceedings of the 8th Conference on Pattern Languages for Programs (PLoP 2001), Illinois-USA (September 2001)
Yoder, J., Barcalow, J.: Architectural Patterns for Enabling Application Security. In: Proceedings of the 4th Conference on Pattern Languages of Programs (PLoP 1997), Monticello, Illinois, USA (September 1997)
Yu, E., Cysneiros, L.: Designing for Privacy and Other Competing Requirements. In: 2nd Symposium on Requirements Engineering for Information Security (SREIS 2002), Raleigh, North Carolina (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mouratidis, H., Giorgini, P. (2009). Enhancing Secure Tropos to Effectively Deal with Security Requirements in the Development of Multiagent Systems. In: Barley, M., Mouratidis, H., Unruh, A., Spears, D., Scerri, P., Massacci, F. (eds) Safety and Security in Multiagent Systems. Lecture Notes in Computer Science(), vol 4324. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04879-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-04879-1_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04878-4
Online ISBN: 978-3-642-04879-1
eBook Packages: Computer ScienceComputer Science (R0)