Abstract
As security is a growing concern for modern information systems, Security Requirements Engineering has developed into a very active area of research. A large body of work deals with elicitation, modelling, analysis, and reasoning about security requirements. However, there is little evidence of efforts to align security requirements with security mechanisms. This paper extends the Secure Tropos methodology to enable a clear alignment between security requirements and security mechanisms, and to provide a reasoning technique to optimise the selection of security mechanisms based on these security requirements and a set of other factors. The extended Secure Tropos supports modelling and analysis of security mechanisms; mathematically defines relevant modelling concepts to support a formal analysis; and defines and solves an optimisation problem to derive optimal sets of security mechanisms. We demonstrate the applicability of our work with the aid of a case study from the health care domain.
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Pavlidis, M., Mouratidis, H., Panaousis, E., Argyropoulos, N. (2017). Selecting Security Mechanisms in Secure Tropos. In: Lopez, J., Fischer-Hübner, S., Lambrinoudakis, C. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2017. Lecture Notes in Computer Science(), vol 10442. Springer, Cham. https://doi.org/10.1007/978-3-319-64483-7_7
DOI: https://doi.org/10.1007/978-3-319-64483-7_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64482-0
Online ISBN: 978-3-319-64483-7
eBook Packages: Computer Science (R0)