Deriving Policies from Grid Security Requirements Model
The emerging Grid applications require rigorous approaches to handle security management issues as their scale, heterogeneity, and complexity can not be handled with simple examination and monitoring mechanisms. In this paper, we propose a rigorous method of deriving security policies for grid applications. These policies are derived from a security requirements model built using the KAOS requirements engineering methodology. We consider an example grid application of distributed file system; its formal security requirements model is developed followed by its refinement and then the derivation of security policy for this application. The derived policies are refined and transformed into operational policies for their implementation. We developed templates for the security policies to facilitate and formalise the various stages of policy derivation.
KeywordsGrid security formal requirements modelling security policies
Unable to display preview. Download preview PDF.
- J. Dorr, D. Kerkow, A. Knethen, and B. Paech. Eliciting efficiency requirements with use cases. 9th International Workshop on Requirments Engineering - Foundation for Software Quality, Workshop held at CaiSE’03, 2003.Google Scholar
- A. Fuxman, M. Pistore, J. Mylopoulos, and P. Traverso. Model checking early requirements specifications in tropos. Proceedings of Fifth IEEE International Symposium on Requirements Engineering 2001 (RE’01), pages 174–181, 2001.Google Scholar
- E. Kalyvianaki and I. Pratt. Building adaptive peer-to-peer systems. 4th International Conference on Peer-to-Peer Computing (P2P 2004), (ISBN 0-7695-2156-8), 2004.Google Scholar
- A. Lamsweerde. Elaborating security requirements by construction of intentional anti-models. 26th ACM-IEEE International Conference on Software Engineering (ICSE’04), pages 148–157, 2004.Google Scholar
- S. Naqvi, P. Massonet, and A. Arenas. Security requirements model for grid data management systems. Proceedings of the International Workshop on Critical Information Infrastructure Security 2006 (CRITIS’06), 2006.Google Scholar
- S. Naqvi, P. Massonet, and A. Arenas. A study of languages for the specification of grid security policies. CoreGRID Technical Report TR0037, 2006.Google Scholar
- S. Naqvi, O. Poitou, P. Massonet, and A. Arenas. Security requirements analysis for large-scale distributed file systems. Proceedings of the CoreGRID Workshop on Middleware, 2006.Google Scholar
- R. Strum and W. Morris. Foundations of service level management. Book, (ISBN 0-6723-1743-5):288, 2004.Google Scholar
- G. Wasson and M. Humphrey. Toward explicit policy management for virtual organisations. 4th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY2003), 2003.Google Scholar
- L. Wills. Security policies: Where to begin. SANS Whitepaper, 2002.Google Scholar