A number of recent proposals aim to incorpo-rate security engineering into mainstream software engi-neering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust manage-ment policies is still an open problem. This paper pro-poses a set of concepts founded on the notions of owner-ship, permission and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented soft-ware engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.

Requirements Engineering for Trust Management: Model, Methodology, and Reasoning

Giorgini, Paolo;Massacci, Fabio;Mylopoulos, Ioannis;Zannone, Nicola
2006-01-01

Abstract

A number of recent proposals aim to incorpo-rate security engineering into mainstream software engi-neering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust manage-ment policies is still an open problem. This paper pro-poses a set of concepts founded on the notions of owner-ship, permission and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented soft-ware engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.
2006
4
Giorgini, Paolo; Massacci, Fabio; Mylopoulos, Ioannis; Zannone, Nicola
File in questo prodotto:
File Dimensione Formato  
Requirements Engineering for Trust Management.PDF

accesso aperto

Tipologia: Pre-print non referato (Non-refereed preprint)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 449.28 kB
Formato Adobe PDF
449.28 kB Adobe PDF Visualizza/Apri
s10207-006-0005-7.pdf

Solo gestori archivio

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.39 MB
Formato Adobe PDF
1.39 MB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/71895
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 74
  • ???jsp.display-item.citation.isi??? ND
social impact