Security Requirements Engineering (SRE) is concerned with the identification of security needs and the specification of security requirements of the system-to-be. Mainstream approaches to SRE either focus on technical security mechanisms or suggest high-level organizational abstractions that are hard to map to the actual design. Social commitments are a simple yet powerful abstraction to model social interactions and can be used effectively to specify security requirements. In this paper, we build on our previous work proposing a novel goal-oriented modelling language called SecCo—Security via Commitments—where the concept of social commitment between social and technical actors is adopted to specify security requirements. Commitments enable the development of robust applications, wherein security needs are satisfied by assigning contractual validity to interactions.

Security Requirements Engineering via Commitments / Dalpiaz, Fabiano; Paja, Elda; Giorgini, Paolo. - ELETTRONICO. - (2011).

Security Requirements Engineering via Commitments

Dalpiaz, Fabiano
Primo
;
Paja, Elda
Secondo
;
Giorgini, Paolo
Ultimo
2011-01-01

Abstract

Security Requirements Engineering (SRE) is concerned with the identification of security needs and the specification of security requirements of the system-to-be. Mainstream approaches to SRE either focus on technical security mechanisms or suggest high-level organizational abstractions that are hard to map to the actual design. Social commitments are a simple yet powerful abstraction to model social interactions and can be used effectively to specify security requirements. In this paper, we build on our previous work proposing a novel goal-oriented modelling language called SecCo—Security via Commitments—where the concept of social commitment between social and technical actors is adopted to specify security requirements. Commitments enable the development of robust applications, wherein security needs are satisfied by assigning contractual validity to interactions.
2011
Trento
Università degli Studi di Trento, Dipartimento di Ingegneria e Scienza dell'Informazione
Security Requirements Engineering via Commitments / Dalpiaz, Fabiano; Paja, Elda; Giorgini, Paolo. - ELETTRONICO. - (2011).
Dalpiaz, Fabiano; Paja, Elda; Giorgini, Paolo
File in questo prodotto:
File Dimensione Formato  
SecCo-Tech-Report.pdf

accesso aperto

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 503.09 kB
Formato Adobe PDF
503.09 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/359545
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact