From trust to dependability through risk analysis

Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007

Volumn , Issue , 2007, Pages 19-26

  Asnar, Yudistira ^a   Giorgini, Paolo ^a   Massacci, Fabio ^a   Zannone, Nicola ^a  

^a UNIVERSITY OF TRENTO   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

AIR TRAFFIC CONTROL; MATHEMATICAL MODELS; RISK ANALYSIS; SOCIETIES AND INSTITUTIONS;

AIR TRAFFIC MANAGEMENT; CRITICAL SYSTEMS; ORGANIZATIONAL SETTING;

SECURITY OF DATA;

EID: 34548171255     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2007.93     Document Type: Conference Paper

References (27)

1. Y. Asnar and P. Giorgini. Modelling risk and identifying countermeasures in organizations. In Proc. of CRITIS'06, 2006.
2. Y. Asnar, P. Giorgini, and J. Mylopoulos. Risk Modelling and Reasoning in Goal Models. Technical Report DIT-06-008, University of Trento, 2006.
3. A. Avizienis, J.-C. Laprie, B. Randell, and C. E. Landwehr. Basic Concepts and Taxonomy of Dependable and Secure Computing. TDSC, 1(1):11-33, 2004.
4. T. Bedford and R. Cooke. Probabilistic Risk Analysis: Foundations and Methods. Cambridge University Press, 2001.
5. R. Butler, J. Maddalon, A. Geser, and C. Muñoz. Simulation and Verification I: Formal Analysis of Air Traffic Management Systems: The Case of Conflict Resolution and Recovery. In Proc. of WSC'03, pages 906-914. IEEE Press, 2003.
6. S. A. Butler. Security Attribute and Evaluation Method. PhD thesis, Carnegie Mellon University, 2003.
7. S. Campadello, L. Compagna, D. Gidoin, P. Giorgini, S. Holtmanns, J. Latanicki, V. Meduri, J.-C. Pazzaglia, M. Seguran, R. Thomas, and N. Zannone. S&D Requirements Specification. Research report A7.D2.1, SERENITY consortium, 2006.
8. S. Cox, B. Jones, and D. Collinson. Trust Relations in High-Reliability Organizations. Risk Analysis, 26(5): 1123-1138, 2006.
9. DoD. Department of Defense Information Technolgoy Security Certification and Accreditation Process (DITSCAP) Application Manual. US-Department of Defense, July 2000.
10. R. Falcone and C. Castelfranchi. Social Trust: A Cognitive Approach. In Trust and Deception in Virtual Societibes, pages 55-90. Kluwer Academic Publishers, 2001.
11. M. S. Feather. Towards a Unified Approach to the Representation of, and Reasoning with, Probabilistic Risk Information about Software and its System Interface. In Proc. of ISSRE'04, pages 391-402. IEEE Press, 2004.
12. M. S. Feather, S. L. Cornford, K. A. Hicks, and K. R. Johnson. Applications of tool support for risk-informed requirements reasoning. Computer Systems Science & Engineering, 20(1):5-17, 2005.
13. R. Fredriksen, M. Kristiansenand, B. A. Granand, K. Stølen, T. A. Opperud, and T. Dimitrakos. The CORAS framework for a model-based risk management process. In Proc. of SAFECOMP'02, LNCS 2434, pages 94-105. Springer-Verlag, 2002.
14. P. Giorgini, F. Massacci, J. Mylopoulos, and N. Zannone. Modeling Security Requirements Through Ownership, Permission and Delegation. In Proc. of RE'05, pages 167-176. IEEE Press, 2005.
15. P. Giorgini, F. Massacci, J. Mylopoulos, and N. Zannone. Modelling Social and Individual Trust in Requirements Engineering Methodologies. In Proc. of iTrust'05, LNCS 3477, pages 161-176. Springer-Verlag, 2005.
16. P. Giorgini, J. Mylopoulos, E. Nicchiarelli, and R. Sebastiani. Formal Reasoning Techniques for Goal Models. Journal of Data Semantics, 1(1): 1-20, 2003.
17. J. Jacobson. Safety Validation of Dependable Transportation Systems. In Proc. of ITSC'05, pages 1-6, 2005.
18. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino. A unified framework for enforcing multiple access control policies. In Proc. of PODS'97, pages 474-485. ACM Press, 1997.
19. A. Jøsang and S. Presti. Analysing the Relationship Between Risk and Trust. In Proc. of iTrust '04, LNCS 2995, pages 135-145. Springer-Verlag, 2004.
20. S. Lee, R. Gandhi, and G. Ahn. Security Requirements Driven Risk Assessment for Critical Infrastructure Information Systems. In Proc. of SREIS'05, 2005.
21. D. Manchala. Trust Metrics, Models and Protocols for Electronic Commerce Transactions. In Proc. of ICDCS'98, pages 312-321. IEEE Press, 1998.
22. N. Mayer, A. Rifaut, and E. Dubois. Towards a Risk-Based Security Requirements Engineering Framework. In Proc. of REFSQ '05, 2005.
23. D. M. Nicol, W. H. Sanders, and K. S. Trivedi. Model-Based Evaluation: From Dependability to Security. TDSC, 1(1):48-65, 2004.
24. D. Shapiro and R. Shachter. User-Agent Value Alignment. In Proc. of The 18th Nat. Conf. on Artif. Intell AAAI, 2002.
25. I. Sommerville. Software Engineering. Addison Wesley, 7th edition, 2004.
26. M. Stamatelatos, W. Vesely, J. Dugan, J. Fragola, J. Minarick, and J. Railsback. Fault Tree Handbook with Aerospace Applications. NASA, 2002.
27. E. Yu. Modelling strategic relationships for process reengineering. PhD thesis, University of Toronto, 1996.