Filling the gap between requirements engineering and public key/trust management infrastructures

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3093, Issue , 2004, Pages 98-111

  Giorgini, Paolo ^a   Massacci, Fabio ^a   Mylopoulos, John ^a,b   Zannone, Nicola ^a  

^a UNIVERSITY OF TRENTO   (Italy)

^b UNIVERSITY OF TORONTO   (Canada)

Author keywords

Modelling and Architecture; PKI and eHealth applications; PKI Requirements Analysis; Privilege Management; Security Engineering; Trust; Verification

Indexed keywords

DISTRIBUTED COMPUTER SYSTEMS; PUBLIC KEY CRYPTOGRAPHY; TELECOMMUNICATION NETWORKS; VERIFICATION;

E-HEALTH APPLICATIONS; PRIVILEGE MANAGEMENT; REQUIREMENTS ANALYSIS; SECURITY ENGINEERING; TRUST;

REQUIREMENTS ENGINEERING;

EID: 35048857793     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-25980-0_8     Document Type: Article

References (26)

1. S. Abiteboul, R. Hull, and V. Vianu. Foundations of Databases. Addison-Wesley, 1995.
2. R. Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley Computer Publishing, 2001.
3. A. Bandara, E. Lupu, and A. Russo. Using Event Calculus to Formalise Policy Specification and Analysis. In Proc. of the 4th Int. Workshop on Policies for Distributed Sys. and Networks (POLICY'03), 2003.
4. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The Role of Trust Management in Distributed Systems Security. Secure Internet Programming, 1603:185-210, 1999.
5. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proc. of 1996 IEEE Symp. on Sec. and Privacy, pages 164-173, 1996.
6. P. Bresciani, P. Giorgini, F. Giunchiglia, J. Mylopoulos, and A. Perini. TROPOS: An Agent-Oriented Software Development Methodology. JAAMAS, 8(3):203-236, 2004.
7. Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss. REFEREE: Trust management for Web applications. Computer Networks and ISDN Systems, 29(8-13):953-964, 1997.
8. N. Damianou. A Policy Framework for Management of Distributed Systems. PhD thesis, University of London, 2002.
9. T. Dell' Armi, W. Faber, G. Ielpa, N. Leone, and G. Pfeifer. Aggregate Functions in Disjunctive Logic Programming: Semantics, Complexity, and Implementation in DLV. In Proc. of IJCAI'03. Morgan Kaufmann Publishers, 2003.
10. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. Simple Public Key Certificates. Internet Draft (work in progress), 1999.
11. A. Fuxman, L. Liu, M. Pistore, M. Roveri, and J. Mylopoulos. Specifying and analyzing early requirements: Some experimental results. In Proc. of RE'03, page 105. IEEE Press, 2003.
12. P. Giorgini, F. Massacci, J. Mylopoulous, and N. Zannone. Requirements Engineering meets Trust Management: Model, Methodology, and Reasoning. In Proc. of iTrust 2004, volume 2995 of LNCS, pages 176-190. Springer-Verlag Heidelberg, 2004.
13. S. Guttorm. Eliciting Security Requirements by Misuse Cases. In Proc. of TOOLS Pacific 2000, 2000.
14. T. Jim. SD3: a trust management system with certified evaluation. In Proc. of 2001 IEEE Symp. on Sec. and Privacy, pages 106 -115. IEEE Press, 2001.
15. J. Jürjens. Towards Secure Systems Development with UMLsec. In Proc. of FASE'01, 2001.
16. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation logic: A logic-based approach to distributed authorization. TISSEC, 6(1):128-171, 2003.
17. N. Li and J. C. Mitchell. Datalog with Constraints: A Foundation for Trust-management Languages. In Proc.of PADL'03, 2003.
18. N. Li, J. C. Mitchell, and W. H. Winsborough. Design of A Role-based Trust-management Framework. In Proc. of 2002 IEEE Symp. on Sec. and Privacy, 2002.
19. N. Li, W. H. Winsborough, and J. C. Mitchell. Distributed Credential Chain Discovery in Trust Management. J. of Comp. Sec., 11(1):35-86, 2003.
20. L. Liu, E. S. K. Yu, and J. Mylopoulos. Security and Privacy Requirements Analysis within a Social Setting. In Proc. of RE'03, pages 151-161, 2003.
21. T. Lodderstedt, D. Basin, and J. Doser. SecureUML: A UML-Based Modeling Language for Model-Driven Security. In J.-M. Jezequel, H. Hussmann, and S. Cook, editors, Proc. of UML'02, volume 2460, pages 426-441. Springer-Verlag Heidelberg, 2002.
22. J. Lopez, A. Mana, J. A. Montenegro, and J. J. Ortega. PKI design based on the use of on-line certification authorities. Int. J. of Information Sec., 2(2):91 - 102, 2004.
23. J. McDermott and C. Fox. Using Abuse Care Models for Security Requirements Analysis. In Proc. of ACSAC'99, 1999.
24. R. L. Rivest and B. Lampson. SDSI - A Simple Distributed Security Infrastructure, 1996.
25. W. Stallings. Cryptography and Network Security: Principles and Practice. Prentice-Hall, Englewood Cliffs, New Jersey, 1999.
26. T. Tryfonas, E. Kiountouzis, and A. Poulymenakou. Embedding security practices in contemporary information systems development approaches. Inform. Management and Comp. Sec., 9:183-197, 2001.