Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
RE
2005
Springer
2005
Springer
Modeling Security Requirements Through Ownership, Permission and Delegation
Security Requirements Engineering is emerging as a branch of Software Engineering, spurred by the realization that security must be dealt with early on during the requirements phase. Methodologies in this field are challenging as they must take into account subtle notions such as trust (or lack thereof), delegation, and permission; they must also model entire organizations and not only systems-to-be. In our previous work we introduced Secure Tropos, a formal framework for modeling and analyzing security requirements. Secure Tropos is founded on three main notions: ownership, trust, and delegation. In this paper we refine Secure Tropos introducing the notions of delegation and trust of execution (at-least delegation and trust) and delegation and trust of permission (at-most delegation and trust). We also propose the use of monitoring as security pattern that can be a design solution to overcome the problem of lack of trust between actors. The paper presents a semantics for these noti...
Real-time TrafficRelated Content
| Added | 28 Jun 2010 |
| Updated | 28 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | RE |
| Authors | Paolo Giorgini, Fabio Massacci, John Mylopoulos, Nicola Zannone |
Comments (0)
Researcher Info
|
