Representing security goals, policies, and objects

Proceedings - 5th IEEE/ACIS Int. Conf. on Comput. and Info. Sci., ICIS 2006. In conjunction with 1st IEEE/ACIS, Int. Workshop Component-Based Software Eng., Softw. Archi. and Reuse, COMSAR 2006

Volumn 2006, Issue , 2006, Pages 160-167

  Oladimeji, Ebenezer A ^a   Supakkul, Sam ^b   Chung, Lawrence ^b  

^a IT Verizon Communications   (United States)

^b The University of Texas at Dallas   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SIMULATION; INFORMATION SYSTEMS; MATHEMATICAL MODELS; UNIFIED MODELING LANGUAGE;

COMPUTER BASED SYSTEMS; ENGINEERING SECURITY; SYSTEM DEVELOPMENT; UNIFYING GOAL ORIENTED ANALYSIS;

SECURITY OF DATA;

EID: 33947623138     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICIS-COMSAR.2006.73     Document Type: Conference Paper

References (23)

1. R. Crook, D. Ince, L. Lin, and B. Nuseibeh, "Security requirements engineering: When anti-requirements hit the fan," in Proceedings of IEEE Int. Requirements Engineering Conference (RE'02), 2002.
2. J. Rushby, "Security requirements specifications: How and what," in Proceedings of Symposium on Requirements Engineering for Information Security (SREIS'01), Indianapolis, March 2001.
3. G. Sindre and A. L. Opdahl, "Eliciting security requirements with misuse cases," Requirements Engineering Journal, vol. 10, no. 1, Jan 2005.
4. L. Liu, E. Yu, and J. Mylopoulos, "Analyzing security requirements as relationships among strategic actors," in 2nd Symposium on Requirements Eng. for Information Security (SREIS-02), Raleigh, NC, 2002.
5. D. G. Firesmith, "Engineering security requirements," Journal of Object Technology, vol. 2, no. 1, pp. 53-58, Jan-Feb 2003.
6. M. D. Quel, "The sans policy primer," 2001. [Online]. Available: http://www.sans.org/resources/policies/PolicyPrimer.pdf
7. J. Rumbaugh, I. Jacobson, and G. Booch, The Unified Modelling Language Reference Manual 2nd ed. Addison-Wesley, 2005.
8. T. Lodderstedt, D. Basin, and J. Doser, "Secureuml: A uml-based modeling language for model-driven security," UML 2002, LNCS 2460, Springer-Verlag, pp. 426-441, 2002.
9. J. Jrjens, "Umlsec: Extending uml for secure systems development," UML 2002, LNCS 2460, Springer-Verlag, 2002.
10. F. den Braber, M. S. Lund, K. Stølen, and F. Vraalsen, "Integrating security in the development process with uml," in Encyclopedia of Information Science and Technology (III), 2005, pp. 1560-1566.
11. P. G. F. Massacci, J. Mylopoulos, and N. Zannone, "Requirements engineering meets trust management: Model, methodology, and reasoning." in Proceedings of iTrust'04, LNCS 2995, 2004, pp. 176-190.
12. L. Liu, E. Yu, and J. Mylopoulos, "Security and privacy requirements analysis within a social setting," in Proceedings of RE'03, IEEE Press, 2003, pp. 151-161.
13. P. G. F. Massacci, J. Mylopoulos, and N. Zannone, "Modeling security requirements through ownership, permission and delegation," in Proceedings of RE'05, IEEE Press, 2005.
14. R. Crook, D. Ince, and B. Nuseibeh, "On modeling access policies: Relating roles to their organizational context," in Proceedings of RE'05, IEEE Press, 2005.
15. L. Chung, B. A. Nixon, E. Yu, and J. Mylopolos, Nonfunctional Requirements in Software Engineering. Kluwer Publishers, 2000.
16. E. Lupu and M. Sloman, "Conflicts in policy-based distibuted systems management," Transactions on Software Engineering - Special Issue on Inconsistency Management, vol. 25, no. 6, pp. 852-869, Nov. 1999.
17. D. Ferraiolo and R. Kuhn, "Role-based access controls," in 15th NIST-NCSC National Computer Security Conference, 1992, pp. 554-563.
18. N. Damianou, N. Dulay, E. Lupu, and M. Sloman, "The ponder policy specification language," Policy Workshop 2001, Bristol, U.K., Springer-Verlag, LNCS, Jan. 2001.
19. L. Chung, "Dealing with security requirements during the development of information systems," in Proceedings of 5th Int. Conference on Advanced Information Systems Engineering (CAiSE), 1993.
20. A. van Lamsweerde, "Goal-oriented requirements engineering: A guided tour," in Proceedings of RE'01. Toronto: IEEE Press, 2001.
21. L. Chung and S. Supakkul, "Representing nfrs and frs: A goal-oriented and use case driven approach," Software Engineering Research and Applications (SERA'2004)- LNCS, vol. 3647, pp. 29-41, 2005.
22. D. A. Marriott, M. S. Sloman, and N. Yialelis, "Management policy service for distributed systems," in Proc. of the IEEE 3rd Int. Workshop on Services in Distributed and Networked Environments, Macau, 1996.
23. J. H. Saltzer and M. D. Schroeder, "The protection of information in computer systems." in Proceedings of the IEEE, vol. 63(9), 1975.