Using trust assumptions with security requirements

Requirements Engineering

Volumn 11, Issue 2, 2006, Pages 138-151

  Haley, Charles B ^a   Laney, Robin C ^a   Moffett, Jonathan D ^a   Nuseibeh, Bashar ^a  

^a OPEN UNIVERSITY   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 32044457421     PISSN: 09473602     EISSN: 1432010X     Source Type: Journal    
DOI: 10.1007/s00766-005-0023-4     Document Type: Article

References (60)

1. ISO/IEC: Information Technology-Security Techniques-Evaluation Criteria for IT Security. Part 1: Introduction and general model. International Standard 15408-1, ISO/IEC, Geneva Switzerland, 1 Dec 1999
2. Zave P (1997) Classification of research efforts in requirements engineering. Comput Survey 29(4):315-321
3. van Lamsweerde A (2000) Requirements engineering in the year 00: A research perspective. Proceedings of the 22nd international conference on software engineering (ICSE'00), 4-11 June 2000. IEEE Computer Society Press
4. Greenspan SJ, Mylopoulos J, Borgida A (1982) Capturing more world knowledge in the requirements specification. Proceedings of the 6th international conference on software engineering (ICSE'82), Tokyo, 13-16 September 1982, pp 225-234
5. Devanbu P, Stubblebine S (2000) Software engineering for security: A roadmap. Finkelstein A (ed) The future of software engineering. ACM Press, New York
6. Firesmith DG (2003) Common concepts underlying safety, security, and survivability engineering. Technical Report CMU/SEI-2003-TN-033, Software Engineering Institute, Carnegie Mellon University, Pittsburgh
7. Moffett JD, Haley CB, Nuseibeh B (2004) Core security requirements artefacts. Technical Report 2004/23, Department of Computing, The Open University, Milton Keynes
8. Jackson M (1995) Software requirements and specifications. Addison Wesley, Reading
9. Jackson M (2001) Problem frames. Addison Wesley, Reading
10. Viega J, Kohno T, Potter B (2001) Trust (and mistrust) in secure applications. Commun ACM 44(2):31-36
11. Thompson K (1984) Reflections on trusting trust. Commun ACM 27(8):761-763
12. Haley CB, Laney RC, Nuseibeh B (2004) Deriving security requirements from crosscutting threat descriptions. Proceedings of the 3rd international conference on aspect-oriented software development (AOSD'04), Lancaster, 22-26 March 2004. ACM Press, New York, pp 112-121
13. van Lamsweerde A (2001) Goal-oriented requirements engineering: A guided tour. Proceedings of the 5th IEEE international symposium on requirements engineering (RE'01), Toronto, 27-31 August 2001. IEEE Computer Society Press, pp 249-263
14. Zave P, Jackson M (1997) Four dark corners of requirements engineering. Trans Softw Eng Method 6(1):1-30
15. Chung L, Nixon B, Yu E, Mylopoulos J (2000) Non-functional requirements in software engineering. Kluwer, Dordrecht
16. Gani A, Manson G, Giorgini P, Mouratidis H (2003) Analysing security requirements of information systems using Tropos. Proceedings of the 5th international conference on enterprise information systems (ICEIS'03), Angers, 23-26 April 2003
17. Kotonya G, Sommerville I (1998) Requirements engineering: Processes and techniques. Wiley, United Kingdom
18. Pfleeger CP, Pfleeger SL (2002) Security in computing. Prentice Hall, Englewood Cliffs
19. Grandison T, Sloman M (2003) Trust management tools for internet applications. Proceedings of the 1st international conference on trust management, vol 2692, Heraklion, Crete, 28-30 May 2003. Springer, Berlin Heidelberg New York
20. Secure Electronic Transaction LLC: SET Secure Electronic Transaction Specification Book 1: Business description, version 1.0. Purchase NY, 31 May 1997
21. Secure Electronic Transaction LLC: SET Secure Electronic Transaction Specification Book 2: Programmer's guide, version 1.0. Purchase NY, 31 May 1997
22. Secure Electronic Transaction LLC: SET Secure Electronic Transaction Specification Book 3: Formal protocol definition, version 1.0. Purchase NY, 31 May 1997
23. Yu E (1997) Towards modelling and reasoning support for early-phase requirements engineering. Proceedings of the 3rd IEEE international symposium on requirements engineering (RE'97), Annapolis, 6-10 January 1997, pp 226-235
24. Yu E, Liu L (2001) Modelling trust for system design using the i* strategic actors framework. Falcone R, Singh MP, Tan YH (eds) Trust in cyber-societies, integrating the human and artificial perspectives Springer, Berlin Heidelberg New York, 15-16 October 2002, pp 175-194
25. Liu L, Yu E, Mylopoulos J (2003) Security and privacy requirements analysis within a social setting. Proceedings of the 11th IEEE international requirements engineering conference (RE'03), Monteray Bay, 8-12 September 2003
26. Castro J, Kolp M, Mylopoulos J (2001) A requirements-driven development methodology. Proceedings of the 13th conference on advanced information systems engineering (CAiSE'01), Interlaken, Switzerland, 4-8 June 2001, pp 108-123
27. Fuxman A, Pistore M, Mylopoulos J, Traverso P (2001) Model checking early requirements specifications in Tropos. Proceedings of the 5th IEEE international symposium on requirements engineering, Toronto, pp 174-181
28. Giorgini P, Massacci F, Mylopoulos J (2003) Requirement engineering meets security: A case study on modelling secure electronic transactions by VISA and Mastercard. Proceedings of the 22nd international conference on conceptual modeling, Chicago, 13-16 October 2003. Springer, Berlin Heidelberg New York, pp 263-276
29. Giorgini P, Massacci F, Mylopoulos J, Zannone N (2004) Requirements engineering meets trust management: Model, method, and reasoning. Proceedings of the 2nd international conference on trust management, Oxford, 28 March-1 April 2004. Lecture notes in computer science. Springer, Berlin Heidelberg New York
30. Mouratidis H, Giorgini P, Manson G (2003) Integrating security and systems engineering: Toward the modelling of secure information systems. Proceedings of the 15th conference on advanced information systems engineering (CAiSE'03), Klagenfurt/Velden, 6-10 June 2003. Springer, Berlin Heidelberg New York
31. Gans G, Jarke M, Kethers S, Lakemeyer G, Ellrich L, Funken C, Meister M (2001) Requirements modeling for organization networks: A (dis)trust-based approach. Proceedings of the 5th IEEE international symposium on requirements engineering (RE'01), 27-31 August 2001. IEEE Computer Society Press, Toronto, pp 154-165
32. Yu E, Cysneiros LM (2002) Designing for privacy and other competing requirements. Proceedings of the 2nd symposium on requirements engineering for information security (SREIS'02), Raleigh
33. Dardenne A, van Lamsweerde A, Fickas S (1993) Goal-directed requirements acquisition. Sci Comput Program 20(1-2):3-50
34. van Lamsweerde A, Letier E (2000) Handling obstacles in goal-oriented requirements engineering. Transact Softw Eng (IEEE) 26(10):978-1005
35. van Lamsweerde A (2004) Elaborating security requirements by construction of intentional anti-models. Proceedings of the 26th international conference on software engineering (ICSE'04), Edinburgh, 26-28 May 2004, pp 148-157
36. van Lamsweerde A, Brohez S, De Landtsheer R, Janssens D (2003) From system goals to intruder anti-goals: Attack generation and resolution for security requirements engineering. Requirements for high assurance systems workshop (RHAS'03), 11th international requirements engineering conference (RE'03), Monterey, 8 September 2003
37. He Q, Antón AI (2003) A framework for modeling privacy requirements in role engineering. Proceedings of the 9th international workshop on requirements engineering: Foundation for software quality, the 15th conference on advanced information systems engineering (CAiSE'03), Klagenfurt/Velden, 16 June 2003 Klagenfurt/Velden, 16 June 2003
38. Heitmeyer CL (2001) Applying 'practical' formal methods to the specification and analysis of security properties. Proceedings of the international workshop on information assurance in computer networks: methods, models, and architectures for network computer security (MMM ACNS 2001), vol 2052, St. Petersburg, 21-23 May 2001. Springer, Berlin Heidelberg New York, pp 84-89
39. In H, Boehm BW (2001) Using WinWin quality requirements management tools: A case study. Ann Softw Eng 11(1):141-174
40. Alexander I (2002) Initial industrial experience of misuse cases in trade-off analysis. Proceedings of the IEEE joint international conference on requirements engineering (RE'02), Essen, pp 61-68
41. Alexander I (2002) Modelling the interplay of conflicting goals with use and misuse cases. Proceedings of 8th international workshop on requirements engineering: Foundation for software quality (REFSQ'02), Essen, 9-10 September 2002, pp 145-152
42. Sindre G, Opdahl AL (2000) Eliciting security requirements by misuse cases. Proceedings of the 37th international conference on technology of object-oriented languages and systems (TOOLS-Pacific'00), Sydney, 20-23 November 2000, pp 120-131
43. McDermott J (2001) Abuse-case-based assurance arguments. Proceedings of the 17th computer security applications conference (ACSAC'01), New Orleans, 10-14 December 2001. IEEE Computer Society Press, pp 366-374
44. McDermott J, Fox C (1999) Using abuse case models for security requirements analysis. Proceedings of the 15th computer security applications conference (ACSAC'99), Phoenix, 6-10 December 1999. IEEE Computer Society Press, pp 55-64
45. Srivatanakul T, Clark JA, Polack F (2004) Writing effective security abuse cases. Technical Report YCS-2004-375, Department of Computer Science, University of York, York, 11 May 2004
46. Lin L, Nuseibeh B, Ince D, Jackson M, Moffett J (2003) Introducing abuse frames for analyzing security requirements. Proceedings of the 11th IEEE international requirements engineering conference (RE'03), Monterey, 8-12 September 2003, pp 371-372
47. Rashid A, Moreira AMD, Araújo J (2003) Modularisation and composition of aspectual requirements. Proceedings of the 2nd international conference on aspect-oriented software development (AOSD'03), Boston, 17-21 March 2003. ACM Press, New York, pp 11-20
48. Rashid A, Sawyer P, Moreira AMD, Araújo J (2002) Early aspects: A model for aspect-oriented requirements engineering. Proceedings of the IEEE joint international conference on requirements engineering (RE'02), Essen, 9-13 September 2002, pp 199-202
49. Brito I, Moreira A (2004) Integrating the NFR framework in a RE model. Presented at Early aspects 2004: Aspect-oriented requirements engineering and architecture design (AORE'04), with the 3rd international conference on aspect-oriented software development (AOSD'04), Lancaster University, UK
50. Lee J, Lai KY (1991) What's in design rationale? Hum Comput Interact Spec Issue Design Rationale 6(3-4):251-280
51. Backingham Shum SJ (2003) The roots of computer supported argument visualization. Kirschner PA, Buckingham Shum SJ, Carr CS (eds) Visualizing argumentation: Software tools for collaborative, educational sense-making. Springer, London, pp 3-24
52. Potts C, Bruns G (1988) Recording the reasons for design decisions. Proceedings of the 10th international conference on software engineering (ICSE'88), Singapore. IEEE Computer Society, pp 418-427
53. Burge JE, Brown DC (2004) An integrated approach for software design checking using design rationale. Gero JS (ed) Proceedings of the 1st international conference on design computing and cognition. Kluwer, Cambridge, pp 557-576
54. Mylopoulos J, Borgida A, Jarke M, Koubarakis M (1990) Telos: representing knowledge about information systems. ACM Trans Inf Syst (TOIS) 8(4):325-362
55. Ramesh B, Dhar V (1992) Supporting systems development by capturing deliberations during requirements engineering. IEEE Trans Softw Eng 18(6):498-510
56. Fischer G, Lemke AC, McCall R, Morch A (1996) Making argumentation serve design. Moran T, Carrol J (Eds) Design rationale concepts, techniques, and use. Lawrence Erlbaum and Associates, Mahwah, pp 267-293
57. Finkelstein A, Fuks H (1989) Multiparty specification. Proceedings of the 5th international workshop on software specification and design, Pittsburgh, pp 185-195
58. Haley CB, Laney RC, Nuseibeh B (2005) Arguing security: Validating security requirements using structured argumentation. Technical Report 2005/04, Department of Computing, The Open University, Milton Keynes, 21 March 2005
59. Haley CB, Laney RC, Moffett JD, Nuseibeh B (2004) The effect of trust assumptions on the elaboration of security requirements. Proceedings of the 12th international requirements engineering conference (RE'04), Kyoto, 6-10 September 2004. IEEE Computer Society Press, pp 102-111
60. Haley CB, Laney RC, Moffett JD, Nuseibeh B (2004) Picking battles: The impact of trust assumptions on the elaboration of security requirements. Proceedings of the 2nd international conference on trust management (iTrust'04), vol 2995, St Anne's College, Oxford, 29 March-1April 2004. Lecture notes in computer science. Springer, Berlin Heidelberg New York, pp 347-354