Security Requirements Engineering for Cloud Computing: The Secure Tropos Approach

  • Haralambos Mouratidis
  • Nikolaos Argyropoulos
  • Shaun Shei


Security is considered an important aspect of software systems, especially in the context of cloud computing. Nevertheless, current practices towards securing software systems fail to take into account security issues during the early development stages and also cannot properly address the unique characteristics and needs of the cloud environment. To address such issues, Secure Tropos was developed as a security-oriented requirements engineering approach, offering a modeling language and sets of diagrams which facilitate the elicitation and elaboration of security features for software systems. In this work, we introduce Secure Tropos by discussing its main concepts, their relations and the main diagrams used to capture the different aspects of a software system. SecTro, a CASE tool developed specifically for the creation and analysis of Secure Tropos diagrams, is used to model a case study as an illustrative example. Finally, future work on expanding the functionalities offered by Secure Tropos is discussed.


Keywords: Information Security; Cloud computing; Security requirements engineering; Security modeling; Secure Tropos





Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Haralambos Mouratidis (1)
  • Nikolaos Argyropoulos (1)
  • Shaun Shei (1)

  1. Secure and Dependable Software Systems (Sense) Research Cluster, University of Brighton, Brighton, UK
