A Study of Security Requirements Negotiation

被引:0
|
作者
Ye, Xinfeng [1 ]
机构
[1] Univ Auckland, Dept Comp Sci, Auckland 1, New Zealand
来源
2014 IEEE 12TH INTERNATIONAL CONFERENCE ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING (DASC)/2014 IEEE 12TH INTERNATIONAL CONFERENCE ON EMBEDDED COMPUTING (EMBEDDEDCOM)/2014 IEEE 12TH INTERNATIONAL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING (PICOM) | 2014年
关键词
security; service level agreement; game theory;
D O I
10.1109/DASC.2014.18
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In service computing, a system is integrated by using the services of many service providers. The security of the services that constitutes the system affects the security of the integrated system. This paper studied the issues relating to security requirements of an integrated system using a game theoretical approach. It modeled a class of service computing applications as a security game. Using the game, the service providers and the system owners can analyse the security level and the security investment of the system. Using the results of the analysis, the system owners and the service providers can be more objective in their service level agreement negotiation.
引用
收藏
页码:51 / 56
页数:6
相关论文
共 50 条
  • [21] Quantum Cryptography - The Analysis of Security Requirements
    Niemiec, Marcin
    ICTON: 2009 11TH INTERNATIONAL CONFERENCE ON TRANSPARENT OPTICAL NETWORKS, VOLS 1 AND 2, 2009, : 814 - 817
  • [22] A systematic review of security requirements engineering
    Mellado, Daniel
    Blanco, Carlos
    Sanchez, Luis E.
    Fernandez-Medina, Eduardo
    COMPUTER STANDARDS & INTERFACES, 2010, 32 (04) : 153 - 165
  • [23] Visualising privacy and security for requirements engineering
    Kreeger, MN
    Duncan, I
    SERP'04: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH AND PRACTICE, VOLS 1 AND 2, 2004, : 813 - 819
  • [24] Security and Reliability Requirements for a Virtual Classroom
    Rehman, Shafiq Ur
    Khan, Muhammad Umair
    11TH INTERNATIONAL CONFERENCE ON FUTURE NETWORKS AND COMMUNICATIONS (FNC 2016) / THE 13TH INTERNATIONAL CONFERENCE ON MOBILE SYSTEMS AND PERVASIVE COMPUTING (MOBISPC 2016) / AFFILIATED WORKSHOPS, 2016, 94 : 447 - 452
  • [25] Security requirements in software product lines
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    SECRYPT 2008: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2008, : 442 - +
  • [26] Eliciting security requirements by misuse cases
    Sindre, G
    Opdahl, AL
    37TH INTERNATIONAL CONFERENCE ON TECHNOLOGY OF OBJECT-ORIENTED LANGUAGES AND SYSTEMS, PROCEEDINGS, 2000, : 120 - 143
  • [27] Utilizing security requirements engineering methods for operational security maintenance purposes
    Abuosba, Khalil
    El-Sheikh, Asim
    Martin, Clemens
    2008 CANADIAN CONFERENCE ON ELECTRICAL AND COMPUTER ENGINEERING, VOLS 1-4, 2008, : 1763 - 1767
  • [28] Security Requirements Specification: A Formal Method Perspective
    Mishra, Aditya Dev
    Mustafa, K.
    PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT (INDIACOM-2020), 2019, : 113 - 117
  • [29] Integrating security and usability into the requirements and design process
    Flechais, Ivan
    Mascolo, Cecilia
    Sasse, M. Angela
    INTERNATIONAL JOURNAL OF ELECTRONIC SECURITY AND DIGITAL FORENSICS, 2007, 1 (01) : 12 - 26
  • [30] Ontologies for Security Requirements: A Literature Survey and Classification
    Souag, Amina
    Salinesi, Camille
    Comyn-Wattiau, Isabelle
    ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS, CAISE 2012, 2012, 112 : 61 - 69
12345