Requirements engineering for trust management: Model, methodology, and reasoning

被引：0

作者：

Giorgini P. ^{[1
]}

Massacci F. ^{[1
]}

Mylopoulos J. ^{[1
]}

Zannone N. ^{[1
]}

机构：

[1] Department of Information and Communication Technology, University of Trento, Trento

来源：

International Journal of Information Security | 2006年 / 5卷 / 4期

关键词：

Agent-oriented software; Privilege management; Requirements Engineering; Security Engineering; Trust models for business and organizations; Verification and validation of software;

D O I：

10.1007/s10207-006-0005-7

中图分类号：

学科分类号：

摘要：

A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust management policies is still an open problem. This paper proposes a set of concepts founded on the notions of ownership, permission, and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented software engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study. © Springer-Verlag 2006.

引用

页码：257 / 274

页数：17

共 50 条

[41] Model Based Requirements Engineering for the Development of Modular Kits
Scherer, Helmut
Albers, Albert
Bursac, Nikola
COMPLEX SYSTEMS ENGINEERING AND DEVELOPMENT, 2017, 60 : 145 - 150
[42] Reasoning with goals to engineer requirements
Rolland, C
ENTERPRISE INFORMATION SYSTEMS V, 2004, : 12 - 20
[43] QUALITY MEASUREMENT MODEL FOR REQUIREMENTS ENGINEERING FLOSS TOOLS
Perez, Maria
Mendez, Edumilis
Dominguez, Kenyer
Mendoza, Luis E.
ICEIS 2010: PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS, VOL 3: INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION, 2010, : 249 - 254
[44] Security & Safety by Model-based Requirements Engineering
Japs, Sergej
2020 28TH IEEE INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE'20), 2020, : 422 - 427
[45] Continuous requirements management for organisation networks: a (dis)trust-based approach
Günter Gans
Matthias Jarke
Stefanie Kethers
Gerhard Lakemeyer
Requirements Engineering, 2003, 8 (1) : 4 - 22
[46] KMoS-RE: knowledge management on a strategy to requirements engineering
Olmos, K.
Rodas, J.
REQUIREMENTS ENGINEERING, 2014, 19 (04) : 421 - 440
[47] KMoS-RE: knowledge management on a strategy to requirements engineering
K. Olmos
J. Rodas
Requirements Engineering, 2014, 19 : 421 - 440
[48] Requirements engineering in secure software systems: Factors that influence requirements risk analysis and risk management
Stinson, James
Vaughn, Rayfford
WMSCI 2006: 10TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL VI, PROCEEDINGS, 2006, : 342 - 345
[49] AORE (Aspect-Oriented Requirements Engineering) Methodology for Automotive Software Product Lines
Aoyama, Mkio
Yoshino, Atsuko
APSEC 2008:15TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE, PROCEEDINGS, 2008, : 203 - 210
[50] A high-level requirements engineering methodology for electronic system-level design
Gorse, N.
Belanger, P.
Chureau, A.
Aboulhamid, E. M.
Savaria, Y.
COMPUTERS & ELECTRICAL ENGINEERING, 2007, 33 (04) : 249 - 268

← 1 2 3 4 5 →