Requirements Engineering meets Trust Management: Model, Methodology, and Reasoning / Giorgini, Paolo; Mylopoulos, John; Zannone, Nicola; Massacci, Fabio. - ELECTRONIC. - (2004).

Requirements Engineering meets Trust Management: Model, Methodology, and Reasoning

Giorgini, Paolo; Mylopoulos, John; Zannone, Nicola; Massacci, Fabio
2004-01-01

Abstract

The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at an organizational level (as opposed to a design level) is still an open problem. This paper presents a formal framework for modeling and analyzing security and trust requirements. It extends the Tropos methodology, an agent-oriented software engineering methodology. The key intuition is that in modeling security and trust, we need to distinguish between the actors that manipulate resources, accomplish goals or execute tasks, and actors that own the resources or the goals. To analyze an organization and its information systems, we proceed in two steps. First, we build a trust model, determining the trust relationships among actors, and then we give a functional model, where we analyze the actual delegations against the trust model, checking whether an actor that offers a service is authorized to have it. The formal framework allows for the automatic verification of security and trust requirements by using a suitable delegation logic that can be mechanized within Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.
2004
Trento, Italy
Università degli Studi di Trento. DEPARTMENT OF INFORMATION AND COMMUNICATION TECHNOLOGY
Files in this item:
016.pdf (open access)
Type: Publisher's version (Publisher’s layout)
License: All rights reserved
Size: 578.8 kB
Format: Adobe PDF

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/359032