The quest for designing secure and trusted software has led to refined Software Engineering methodologies that rely on tools to support the design process. Automated reasoning mechanisms for requirements and software verification are by now a well-accepted part of the design process, and model-driven architectures support the automation of the refinement process. We claim that we can further push the envelope towards the automatic exploration and selection among design alternatives and show that this is concretely possible for Secure Tropos, a requirements engineering methodology that addresses security and trust concerns. In Secure Tropos, a design consists of a network of actors (agents, positions or roles) with delegation/permission dependencies among them. Accordingly, the generation of design alternatives can be accomplished by a planner which is given as input a set of actors and goals and generates alternative multiagent plans to fulfill all given goals. We validate our claim with a case study using a state-of-the-art planner.

Designing Security Requirements Models through Planning / Bryl, Volha; Massacci, Fabio; Mylopoulos, John; Zannone, Nicola. - ELETTRONICO. - (2006).

Designing Security Requirements Models through Planning

Bryl, Volha;Massacci, Fabio;Mylopoulos, John;Zannone, Nicola
2006-01-01

2006
Trento, Italy
University of Trento. Department of Information and Communication Technology
Files in this item:
File: 003.pdf
Access: open access
Type: Publisher's version (Publisher's layout)
License: All rights reserved
Size: 306.82 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/359491