Requirements engineering for trust management: Model, methodology, and reasoning

被引:0
|
作者
Giorgini P. [1 ]
Massacci F. [1 ]
Mylopoulos J. [1 ]
Zannone N. [1 ]
机构
[1] Department of Information and Communication Technology, University of Trento, Trento
来源
International Journal of Information Security | 2006年 / 5卷 / 4期
关键词
Agent-oriented software; Privilege management; Requirements Engineering; Security Engineering; Trust models for business and organizations; Verification and validation of software;
D O I
10.1007/s10207-006-0005-7
中图分类号
学科分类号
摘要
A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust management policies is still an open problem. This paper proposes a set of concepts founded on the notions of ownership, permission, and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented software engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study. © Springer-Verlag 2006.
引用
收藏
页码:257 / 274
页数:17
相关论文
共 50 条
  • [1] Requirements engineering meets trust management - Model, methodology, and reasoning
    Giorgini, P
    Massacci, F
    Mylopoulos, J
    Zannone, N
    TRUST MANAGEMENT, PROCEEDING, 2004, 2995 : 176 - 190
  • [2] Methodology proposal for specifying records management requirements from requirements engineering
    del Castillo Guevara, Jorge
    Torres Ponjuan, Deborah
    INVESTIGACION BIBLIOTECOLOGICA, 2022, 36 (91): : 33 - 48
  • [3] Engineering Autonomous Trust-Management Requirements for Software Agents: Requirements and Concepts
    Kaffille, Sven
    Wirtz, Guido
    INNOVATIONS AND ADVANCES IN COMPUTER SCIENCES AND ENGINEERING, 2010, : 483 - 489
  • [4] Security and trust requirements engineering
    Giorgini, P
    Massacci, F
    Zannone, N
    FOUNDATIONS OF SECURITY ANALYSIS AND DESIGN III, 2005, 3655 : 237 - 272
  • [5] An application of uncertain reasoning to requirements engineering
    Barry, PS
    Laskey, KB
    UNCERTAINTY IN ARTIFICIAL INTELLIGENCE, PROCEEDINGS, 1999, : 41 - 48
  • [6] Project Management Methodology Requirements for use in Undergraduate Engineering Research Projects
    Chin, C. M. M.
    Spowage, A. C.
    2008 IEEE INTERNATIONAL CONFERENCE ON MANAGEMENT OF INNOVATION AND TECHNOLOGY, VOLS 1-3, 2008, : 311 - 316
  • [7] Filling the gap between requirements engineering and public key/trust management infrastructures
    Giorgini, P
    Massacci, F
    Mylopoulos, J
    Zannone, N
    PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS, 2004, 3093 : 98 - 111
  • [8] Agile requirements engineering via paraconsistent reasoning
    Ernst, Neil A.
    Borgida, Alexander
    Jureta, Ivan J.
    Mylopoulos, John
    INFORMATION SYSTEMS, 2014, 43 : 100 - 116
  • [9] Representing and reasoning about preferences in requirements engineering
    Sotirios Liaskos
    Sheila A. McIlraith
    Shirin Sohrabi
    John Mylopoulos
    Requirements Engineering, 2011, 16 : 227 - 249
  • [10] Representing and reasoning about preferences in requirements engineering
    Liaskos, Sotirios
    McIlraith, Sheila A.
    Sohrabi, Shirin
    Mylopoulos, John
    REQUIREMENTS ENGINEERING, 2011, 16 (03) : 227 - 249
12345