Abstract
Personal data have become a central asset for multiple enterprise applications and online services offered by private companies, public organisations or a combination of both. The sensitivity of such data and the continuously growing legislation that accompanies their management dictate the development of methods that allow the development of more secure, trustworthy software systems with focus on privacy protection. The contribution of this paper is the definition of a novel requirements engineering method that supports both early and late requirements specification, giving emphasis on security, privacy and trust. The novelty of our work is that it provides the means for software designers and security experts to analyse the system-to-be from multiple aspects, starting from identifying high-level goals to the definition of business process composition, and elicitation of mechanisms to fortify the system from external threats. The method is supported by two CASE tools. To demonstrate the applicability and usefulness of our work, the paper shows its applications to a real-world case study.
Similar content being viewed by others
Notes
References
Ahmed, N., Matulevicius, R.: A method for eliciting security requirements from the business process models. In: CAiSE (Forum/Doctoral Consortium), pp. 57–64 (2014)
Alexander, I.: Misuse cases: use cases with hostile intent. IEEE Softw. 20(1), 58–66 (2003)
Ali, R., Dalpiaz, F., Giorgini, P.: A goal modeling framework for self-contextualizable software. BMMDS/EMMSAD 9, 326–338 (2009)
Angelopoulos, K., Souza, V.E.S., Mylopoulos, J.: Capturing variability in adaptation spaces: a three-peaks approach. In: International Conference on Conceptual Modeling, pp. 384–398. Springer (2015)
Bijwe, A., Mead, N.R.: Adapting the Square Process for Privacy Requirements Engineering. Technical report. Software Engineering Institute (2010)
Bimrah, K.K.: A Framework for Modelling Trust During Information Systems Development. PhD thesis, University of East London (2009)
Bittner, K.: Use Case Modeling. Addison-Wesley Longman Publishing Co., Inc, Boston (2002)
Bresciani, P., Perini, A., Giorgini, P., Giunchiglia, F., Mylopoulos, J.: Tropos: an agent-oriented software development methodology. Auton. Agents Multi Agent Syst. 8(3), 203–236 (2004)
Chopra, A.K., Dalpiaz, F., Giorgini, P., Mylopoulos, J.: Reasoning about agents and protocols via goals and commitments. In: Proceedings of the 9th International Conference on Autonomous Agents and Multiagent Systems, Vol. 1, pp. 457–464. International Foundation for Autonomous Agents and Multiagent Systems (2010)
Chung, L., Nixon, B.A., Yu, E., Mylopoulos, J.: Non-functional Requirements in Software Engineering. Springer, Berlin/Heidelberg, Germany (2012)
Dalpiaz, F., Paja, E., Giorgini, P.: Security Requirements Engineering: Designing Secure Socio-Technical Systems. MIT Press, Cambridge (2016)
Dardenne, A., Van Lamsweerde, A., Fickas, S.: Goal-directed requirements acquisition. Sci. Comput. Program. 20(1–2), 3–50 (1993)
Deng, M., Wuyts, K., Scandariato, R., Preneel, B., Joosen, W.: A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requir. Eng. 16(1), 3–32 (2011)
Diamantopoulou, V., Kalloniatis, C., Gritzalis, S., Mouratidis, H.: Supporting Privacy by Design Using Privacy Process Patterns, pp. 491–505. Springer International Publishing, Cham (2017)
Diamantopoulou, V., Mouratidis, H.: Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology. Inf. Comput. Secur. 26(4), 382–400 (2018)
Diamantopoulou, V., Mouratidis, H.: Evaluating a reference architecture for privacy level agreements management. In: 12th Mediterranean Conference on Information Systems (MCIS 2018). AIS (2018)
Elahi, G., Yu, E.: Trust trade-off analysis for security requirements engineering. In: Requirements Engineering Conference, 2009. RE’09. 17th IEEE International, pp. 243–248. IEEE (2009)
European Union. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union, L119/59, May (2016)
Faßbender, S., Heisel, M., Meis, R.: Functional requirements under security pressure. In: 2014 9th International Conference on Software Paradigm Trends (ICSOFT-PT), pp. 5–16. IEEE (2014)
Faßbender, S., Heisel, M., Meis, R.: Problem-based security requirements elicitation and refinement with pressure. In: International Conference on Software Technologies, pp. 311–330. Springer (2014)
Gharib, M., Salnitri, M., Paja, E., Giorgini, P., Mouratidis, H., Pavlidis, M., Ruiz, J.F., Fernandez, S., and Andrea Della Siria. Privacy requirements: Findings and lessons learned in developing a privacy platform. In: 2016 IEEE 24th International Requirements Engineering Conference (RE), pp. 256–265. IEEE (2016)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling security requirements through ownership, permission and delegation. In: 13th IEEE International Conference on Requirements Engineering, 2005. Proceedings, pp. 167–176 (2005)
Gorski, J., Jarzkebowicz, A., Leszczyna, R., Miler, J., Olszewski, M.: Trust case: justifying trust in an it solution. Reliab. Eng. Syst. Saf. 89(1), 33–47 (2005)
Haley, C., Laney, R., Moffett, J., Nuseibeh, B.: Security requirements engineering: a framework for representation and analysis. IEEE Trans. Softw. Eng. 34(1), 133–153 (2008)
Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. Manag. Inf. Syst. Q. 28(1), 6 (2008)
Horkoff, J., Yu, Y., Eric, S.K.: Openome: an open-source goal and agent-oriented model drawing and analysis tool. iStar 766, 154–156 (2011)
Kalloniatis, C., Kavakli, E., Gritzalis, S.: Addressing privacy requirements in system design: the PRiS method. Requir. Eng. 13(3), 241–255 (2008)
Lambrinoudakis, C., Gritzalis, S., Dridi, F., Pernul, G.: Security requirements for e-government services: a methodological approach for developing a common pki-based security policy. Comput. Commun. 26(16), 1873–1883 (2003)
Lee, W.-S., Grosh, D.L., Tillman, F.A., Lie, C.H.: Fault tree analysis, methods, and applications a review. IEEE Trans. Reliab. 34(3), 194–203 (1985)
Martínez, A., Pastor López, O., Estrada, H.: A pattern language to join early and late requirements. J. Comput. Sci. Technol. 5, 64–70 (2005)
Massacci, F., Mylopoulos, J., Zannone, N.: Security requirements engineering: the si* modeling language and the secure tropos methodology. In: Advances in Intelligent Information Systems, pp. 147–174. Springer, Berlin, Heidelberg (2010)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: International Conference on Information Security and Cryptology, pp. 186–198. Springer (2005)
Mead, N.R., Stehney, T.: Security Quality Requirements Engineering (SQUARE) Methodology, vol. 30. ACM, New York (2005)
Miyazaki, S., Mead, N., Zhan, J.: Computer-aided privacy requirements elicitation technique. In: Asia-Pacific Services Computing Conference, 2008. APSCC’08. pp. 367–372. IEEE (2008)
Mouratidis, H., Argyropoulos, N., Shei, S.: Security requirements engineering for cloud computing: the secure tropos approach. In: Domain-Specific Conceptual Modeling, pp. 357–380. Springer (2016)
Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. Int. J. Softw. Eng. Knowl. Eng. 17(02), 285–309 (2007)
Mylopoulos, J., Chung, L., Yu, E.: From object-oriented to goal-oriented requirements analysis. Commun. ACM 42(1), 31–37 (1999)
Mllering, G.: The trust/control duality. Int. Sociol. 20(3), 283–305 (2005)
Nguyen, C.M., Sebastiani, R., Giorgini, P., Mylopoulos, J.: Multi-objective reasoning with constrained goal models. Requir. Eng. 23, 189–225 (2016)
Nhlabatsi, A., Bandara, A., Hayashi, S., Haley, C., Jurjens, J., Kaiya, H., Kubo, A., Laney, R., Mouratidis, H., Nuseibeh, B et al.: Security patterns: comparing modeling approaches. In: Software Engineering for Secure Systems: Industrial and Research Perspectives, pp. 75–111. IGI Global (2011)
OMG. Bpmn 2.0. Technical report, OMG (2011)
OMG. Uml 2.5.1. Technical report, OMG (2017)
Paja, E., Dalpiaz, F., Giorgini, P.: Modelling and reasoning about security requirements in socio-technical systems. Data Knowl. Eng. 98, 123–143 (2015)
Pavlidis, M., Islam, S., Mouratidis, H., Kearney, P.: Modeling trust relationships for developing trustworthy information systems. Int. J. Inf. Syst. Model. Des.: IJISMD 5(1), 25–48 (2014)
Pavlidis, M., Mouratidis, H., Islam, S.: Modelling security using trust based concepts. Int. J. Secure Softw. Eng.: IJSSE 3(2), 36–53 (2012)
Pavlidis, M., Mouratidis, H., Islam, S., Kearney, P.: Dealing with trust and control: a meta-model for trustworthy information systems development. In: 2012 Sixth International Conference on Research Challenges in Information Science (RCIS), pp. 1–9 (2012)
Pfitzmann, A., Hansen, M.: A Terminology for Talking About Privacy by Data Minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management (2010)
Presti, S.L., Butler, M., Leuschel, M., Booth, C.: Holistic trust design of e-services. Trust in E-Services: Technologies. Practices and Challenges, pp. 113–139. IGI Global, Hershey, Pennsylvania, USA (2006)
Rumbaugh, J., Jacobson, I., Booch, G.: Unified Modeling Language Reference Manual. Pearson Higher Education, Upper Saddle River (2004)
Salini, P., Kanmani, S.: Model oriented security requirements engineering (mosre) framework for web applications. In: Advances in Computing and Information Technology, pp. 341–353. Springer, Berlin, Heidelberg (2013)
Salnitri, M., Giorgini, P.: Transforming socio-technical security requirements in secbpmn security policies. In: iStar. CEUR Workshop Proceedings (2014)
Salnitri, M., Paja, E., Giorgini, P.: Preserving compliance with security requirements in socio-technical systems. In: Cyber Security and Privacy Forum, pp. 49–61. Springer, Cham (2014)
Salnitri, M., Paja, E., Giorgini, P.: Maintaining secure business processes in light of socio-technical systems’ evolution. In: IEEE International Requirements Engineering Conference Workshops (REW), pp. 155–164. IEEE (2016)
Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating Security and Systems Engineering. Wiley, Hoboken (2013)
Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)
Steinberg, D., Budinsky, F., Merks, E., Paternostro, M.: EMF: Eclipse Modeling Framework. Pearson Education, London (2008)
Van Lamsweerde, A.: Goal-oriented requirements engineering: a guided tour. In: Fifth IEEE International Symposium on Requirements Engineering, 2001. Proceedings, pp. 249–262. IEEE (2001)
Van Lamsweerde, A.: Elaborating security requirements by construction of intentional anti-models. In: Proceedings of the 26th International Conference on Software Engineering, pp. 148–157 (2004)
Van Lamsweerde, A.: Requirements Engineering: From System Goals to UML Models to Software (2009)
Van Lamsweerde, A., Letier, E.: Handling obstacles in goal-oriented requirements engineering. IEEE Trans. Softw. Eng. 26(10), 978–1005 (2000)
VisiOn-Consortium. D6.3 Training Activities Manual. Technical report, VisiOn (2017)
VisiOn European project consortium: VisiOn Pilots Report—Final Version. Technical report, VisiOn (2017). https://www.visioneuproject.eu/wp-content/uploads/2018/11/2017-VSN-RP-145-D5.2-VisiOn-Pilots-Report-final.pdf
Wieringa, R., Daneva, M.: Six strategies for generalizing software engineering theories. Sci. Comput. Program. 101, 136–152 (2015)
Wohlin, C., Runeson, P., Höst, M., Ohlsson, M.C., Regnell, B., Wesslén, A.: Experimentation in Software Engineering: An Introduction. Springer, Berlin (2000)
Yin, R.K.: Case Study Research and Applications: Design and Methods. Sage, Thousand Oaks (2017)
Yu, E.: Modelling Strategic Relationships for Process Reengineering. PhD thesis, University of Toronto (1995)
Yu, E.: Modelling strategic relationships for process reengineering. Soc. Model. Requir. Eng. 11, 2011 (2011)
Yu, E., Liu, L.: Modelling trust for system design using the i * strategic actors framework. In: Falcone, R., Singh, M., Tan, Y.-H. (eds.) Trust in Cyber-Societies. Lecture Notes in Computer Science, vol. 2246, pp. 175–194. Springer, Berlin (2001)
Yu, E.S.K.: Towards modelling and reasoning support for early-phase requirements engineering. In: Proceedings of the Third IEEE International Symposium on Requirements Engineering, 1997, pp. 226–235. IEEE (1997)
Zainal, Z.: Case study as a research method. J. Kemanus. 5(1), 1–6 (2007)
Zave, P.: Classification of research efforts in requirements engineering. ACM Comput. Surv: CSUR 29(4), 315–321 (1997)
Acknowledgements
This paper is supported by European Union Horizon 2020 research and innovation programme under Grant Agreement No. 653642, project VisiOn (Visual Privacy Management in User Centric Open environments).
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by Ruth Breu.
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Salnitri, M., Angelopoulos, K., Pavlidis, M. et al. Modelling the interplay of security, privacy and trust in sociotechnical systems: a computer-aided design approach. Softw Syst Model 19, 467–491 (2020). https://doi.org/10.1007/s10270-019-00744-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10270-019-00744-x