Computer-aided support for secure tropos

Automated Software Engineering

Volumn 14, Issue 3, 2007, Pages 341-364

  Massacci, Fabio ^a   Mylopoulos, John ^a   Zannone, Nicola ^a  

^a UNIVERSITY OF TRENTO   (Italy)

Author keywords

Automated reasoning; CASE tools; Security requirements engineering

Indexed keywords

CASE BASED REASONING; COMPUTER AIDED SOFTWARE ENGINEERING; FORMAL LOGIC; MATHEMATICAL MODELS; SECURITY OF DATA; SPECIFICATIONS;

AUTOMATED REASONING; SECURE TROPOS MODELS; SECURITY REQUIREMENTS ENGINEERING;

REQUIREMENTS ENGINEERING;

EID: 34548563765     PISSN: 09288910     EISSN: 15737535     Source Type: Journal    
DOI: 10.1007/s10515-007-0013-5     Document Type: Article

References (59)

1. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: Proc. of VLDB'02, pp. 143-154. Kaufmann, Los Altos (2002)
2. Alpern, B., Schneider, F.B.: Recognizing safety and liveness. Technical Report TR86-727, Cornell University, Computer Science Department (1986)
3. Anderson, R.: Why cryptosystems fail. Commun. ACM 37(11), 32-40 (1994)
4. Asnar, Y., Bonato, R., Bryl, V., Compagna, L., Dolinar, K., Giorgini, P., Holtmanns, S., Klobucar, T., Lanzi, P., Latanicki, J., Massacci, F., Meduri, V., Porekar, J., Riccucci, C., Saidane, A., Seguran, M., Yautsiukhin, A., Zannone, N.: Security and privacy requirements at organizational level. Research report A1.D2.1, SERENITY consortium (2006)
5. Association Cambiste Internationale: The model code: the international code of conduct and practice for the financial markets (2005). http://www.aciforex.com/market/July05_ModelCode.pdf
6. Avizienis, A., Laprie, J.-C., Randell, B., Landwehr, C.E.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secur. Comput. 1(1), 11-33 (2004)
7. Basin, D., Doser, J., Lodderstedt, T.: Model driven security: from UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol. 15(1), 39-91 (2006)
8. Bauer, L., Ligatti, J., Walker, D.: More enforceable security policies. In: Proc. of FCS'02 (2002)
9. Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., Perini, A.: TROPOS: an agent-oriented software development methodology. J. Auton. Agents Multi-Agent Syst. 8(3), 203-236 (2004)
10. Buckingham Shum, S.J., Selvin, A.M., Sierhuis, M., Conklin, J., Haley, C.B., Nuseibeh, B.: Hypermedia support for argumentation-based rationale: 15 years on from gIBIS and QOC. In: Rationale Management in Software Engineering, pp. 105-126. Springer, Berlin (2006)
11. Chung, L.K., Nixon, B.A., Yu, E., Mylopoulos, J.: Non-Functional Requirements in Software Engineering. Kluwer, Dordrecht (2000)
12. Dardenne, A., van Lamsweerde, A., Fickas, S.: Goal-directed requirements acquisition. Sci. Comput. Prog. 20, 3-50 (1993)
13. Darimont, R., Delor, E., Massonet, P., van Lamsweerde, A.: GRAIL/KAOS: an environment for goal-driven requirements engineering. In: Proc. of ICSE'97, pp. 612-613. ACM Press, New York (1997)
14. De Landtsheer, R., van Lamsweerde, A.: Reasoning about confidentiality at requirements engineering time. In: Proc. of ESEC/FSE'05, pp. 41-49. ACM Press, New York (2005)
15. den Braber, F., Dimitrakos, T., Gran, B.A., Lund, M.S., Stølen, K., Aagedal, J.∅.: The CORAS methodology: model-based risk assessment using UML and UP. In: UML and the Unified Process, pp. 332-357. Idea Group Publishing, New York (2003)
16. Ernst, N.A., Yu, Y., Mylopoulos, J.: Visualizing non-functional requirements. In: Proc. of REV'06, p. 2. IEEE Press, New York (2006)
17. Fickas, S., Nagarajan, P.: Critiquing software specifications. IEEE Softw. 5(6), 37-47 (1988)
18. Fuxman, A., Liu, L., Mylopoulos, J., Pistore, M., Roveri, M., Traverso, P.: Specifying and analyzing early requirements in tropos. Requir. Eng. J. 9(2), 132-150 (2004)
19. Gelfond, M., Lifschitz, V.: The stable model semantics for logic programming. In: Proc. of ICLP'88, pp. 1070-1080. MIT Press, Cambridge (1988)
20. Gelfond, M., Lifschitz, V.: Classical negation in logic programs and disjunctive databases. New Gener. Comput. 9(3/4), 365-386 (1991)
21. Germeau, F., Leduc, G.: Model-based design and verification of security protocols using LOTOS. In: Proc. of the DIMACS Workshop on Design and Formal Verification of Security Protocols (1997)
22. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modelling social and individual trust in requirements engineering methodologies. In: Proc. of iTrust'05. Lecture Notes in Computer Science, vol. 3477, pp. 161-176. Springer, Berlin (2005a)
23. Giorgini, P., Massacci, F., Zannone, N.: Security and trust requirements engineering. In: FOSAD 2004/2005. Lecture Notes in Computer Science, vol. 3655, pp. 237-272. Springer, Berlin (2005b)
24. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Requirements engineering for trust management: model, methodology, and reasoning. Int. J. Inform. Sec. 5(4), 257-274 (2006)
25. Gravell, A.M., Henderson, P.: Executing formal specifications need not be harmful. IEE/BCS Softw. Eng. J. 11(2), 104-110 (1996)
26. Haley, C.B., Moffett, J., Laney, R., Nuseibeh, B.: Arguing security: validating security requirements using structured argumentation. In: Proc. of SREIS'05 (2005)
27. Heitmeyer, C.L., Kirby, J., Labaw, B.G., Bharadwaj, R.: SCR*: A toolset for specifying and analyzing software requirements. In: Proc. of CAV'98, pp. 526-531. Springer, Berlin (1998)
28. House of Lords, P.: Prince Jefri Bolkiah vs KPMG. 1 All ER 517 (1999). Available on www.parliament.the-stationeryoffice.co.uk
29. Jackson, D.: Alloy: a lightweight object modelling notation. ACM Trans. Softw. Eng. Methodol. 11(2), 256-290 (2002)
30. Johnson, C.W.: V2: using violation and vulnerability analysis to understand the root causes of complex security incidents. Submitted to ACM Trans. Inf. Syst. Secur. (2006)
31. Jorion, P.: Value-at-Risk: The New Benchmark for Managing Financial Risk. McGraw-Hill, New York (2000)
32. Jürjens, J.: Secure Systems Development with UML. Springer, Berlin (2004)
33. Leone, N., Pfeifer, G., Faber, W., Eiter, T., Gottlob, G., Perri, S., Scarcello, F.: The DLV system for knowledge representation and reasoning. ACM Trans. Comput. Log. 7(3), 499-562 (2006)
34. Lierler, Y.: Disjunctive answer set programming via satisfiability. In: Proc. of the 3rd Int. Workshop on Answer Set Prog.: Adv. in Theory and Implementation, CEUR Workshop Proceedings. CEUR-WS. org, vol. 142 (2005)
35. Lin, F., Zhao, Y.: ASSAT: computing answer sets of a logic program by SAT solvers. In: Proc. of the 18th Nat. Conf. on Artif. Intell, pp. 112-117. AAAI Press, Menlo Park (2002)
36. Liu, L., Yu, E.S.K., Mylopoulos, J.: Security and privacy requirements analysis within a social setting. In: Proc. of RE'03, pp. 151-161. IEEE Press, New York (2003)
37. Maiden, N., Sutcliffe, A.: Exploiting reusable specifications through analogy. CACM 35(4), 55-64 (1992)
38. Massacci, F., Prest, M., Zannone, N.: Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation. Comput. Stand. Interfaces 27(5), 445-455 (2005)
39. Massacci, F., Zannone, N.: Detecting conflicts between functional and security requirements with secure tropos: John Rusnak and the Allied Irish Bank. Technical Report DIT-06-002, University of Trento (2006)
40. McDermott, J., Fox, C.: Using abuse case models for security requirements analysis. In: Proc. of ACSAC'99, pp. 55-66. IEEE Press, New York (1999)
41. National Security Agency: Information Assurance Technical Framework (IATF). Release 3.1 (2002)
42. Niemelä, I., Simons, P.: Efficient implementation of the well-founded and stable model semantics. In: Proc. of JICSLP'96, pp. 289-303. MIT Press, Cambridge (1996)
43. Niemelä, I., Simons, P., Syrjänen, T.: Smodels: a system for answer set programming. In: Proc. of the 8th Int. Workshop on Non-Monotonic Reas. (2000)
44. Nuseibeh, B., Easterbrook, S.: Requirements engineering: a roadmap. In: Proc. of ICSE'00, pp. 35-46. ACM Press, New York (2000)
45. Onabajo, A., Jahnke, J.H.: Modeling and reasoning for confidentiality requirements in software development. In: Proc. of ECBS'06, pp. 460-467. IEEE Press, New York (2006)
46. Perini, A., Susi, A.: Developing tools for agent-oriented visual modeling. In: Proc. of MATES'04. Lecture Notes in Computer Science, vol. 3187, pp. 169-182. Springer, Berlin (2004)
47. Promontory Financial Group, Wachtell, Lipton, Rosen, Katz: Report to the Board and Directors of Allied Irish Bank P.L.C., Allfirst Financial Inc., and Allfirst Bank Concerning Currency Trading Losses (2003)
48. Rifaut, A., Massonet, P., Molderez, J.-F., Ponsard, C., Stadnik, P., van Lamsweerde, A., Hung, T.V.: FAUST: formal analysis using specification tools. In: Proc. of RE'03, p. 350. IEEE Press, New York (2003)
49. Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278-1308 (1975)
50. Schätz, B., Pretschner, A., Huber, F., Philipps, J.: Model-based development of embedded systems. In: Proc. of OOIS'02. Lecture Notes in Computer Science, vol. 2426, pp. 298-312. Springer, Berlin (2002)
51. Schneider, F.B.: Decomposing properties into safety and liveness. Technical Report TR87-874, Cornell University, Computer Science Department (1987)
52. Selvin, A.M., Buckingham Shum, S.J.: Hypermedia as a productivity tool for doctoral research. New Rev. Hypermedia Multimedia 11(1), 91-101 (2005)
53. Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requir. Eng. J. 10(1), 34-44 (2005)
54. Stamatelatos, M., Vesely, W., Dugan, J., Fragola, J., Minarick, J., Railsback, J.: Fault Tree Handbook with Aerospace Applications. NASA, Washington (2002)
55. US Department of Justice: United States of America v. John M. Rusnak. SMS/SD/USAO #2002R02005. (2002). http://www.usdoj.gov/dag/cftf/chargingdocs/ allfirst.pdf
56. van Gelder, A.: The alternating fixpoint of logic programs with negation. In: Proc. of PODS'89, pp. 1-10. ACM Press, New York (1989)
57. van Lamsweerde, A.: Elaborating security requirements by construction of intentional anti-models. In: Proc. of ICSE'04, pp. 148-157. IEEE Press, New York (2004)
58. van Lamsweerde, A., Letier, E.: Handling obstacles in goal-oriented requirements engineering. IEEE Trans. Softw. Eng. 26(10), 978-1005 (2000)
59. Yu, E.: Modelling strategic relationships for process reengineering. PhD thesis, University of Toronto (1995)