A number of recent proposals aim to incorpo-rate security engineering into mainstream software engi-neering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust manage-ment policies is still an open problem. This paper pro-poses a set of concepts founded on the notions of owner-ship, permission and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented soft-ware engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.
Requirements Engineering for Trust Management: Model, Methodology, and Reasoning
Giorgini, Paolo;Massacci, Fabio;Mylopoulos, Ioannis;Zannone, Nicola
2006-01-01
Abstract
A number of recent proposals aim to incorpo-rate security engineering into mainstream software engi-neering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust manage-ment policies is still an open problem. This paper pro-poses a set of concepts founded on the notions of owner-ship, permission and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented soft-ware engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.File | Dimensione | Formato | |
---|---|---|---|
Requirements Engineering for Trust Management.PDF
accesso aperto
Tipologia:
Pre-print non referato (Non-refereed preprint)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
449.28 kB
Formato
Adobe PDF
|
449.28 kB | Adobe PDF | Visualizza/Apri |
s10207-006-0005-7.pdf
Solo gestori archivio
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.39 MB
Formato
Adobe PDF
|
1.39 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione