Reusable security use cases for mobile grid environments

Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, SESS 2009

Volumn , Issue , 2009, Pages 1-8

  Rosado, David G ^a   Fernández Medina, Eduardo ^a   López, Javier ^b  

^a UNIVERSITY OF CASTILLA LA MANCHA   (Spain)

^b UNIVERSITY OF MÁLAGA   (Spain)

Author keywords

[No Author keywords available]

Indexed keywords

ANALYSIS MODELS; COMPLEX INFORMATION; CROSS-DOMAIN AUTHENTICATION; DESIGN PHASE; DEVELOPMENT METHODOLOGY; DEVELOPMENT PROCESS; GRID TECHNOLOGIES; MOBILE GRID; MULTIPLE SECURITIES; NON-FUNCTIONAL REQUIREMENTS; SECURITY REQUIREMENTS; SOFTWARE DEVELOPMENT; SYSTEMATIC PROCESS; TECHNICAL SOLUTIONS;

COMPUTER SCIENCE; COMPUTER SOFTWARE; INFORMATION SYSTEMS; MOBILE DEVICES; PORTABLE EQUIPMENT;

GRID COMPUTING;

EID: 70349918315     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IWSESS.2009.5068452     Document Type: Conference Paper

References (38)

1. R. Kolonay and M. Sobolewski, "Grid Interactive Service-oriented Programming Environment," presented at Concurrent Engineering: The Worldwide Engineering Grid, Tsinghua, China, pp. 97-102, 2004.
2. L. Bass, F. Bachmann, R. J. Ellison, A. P. Moore, and M. Klein, "Security and survivability reasoning frameworks and architectural design tactics," SEI, 2004.
3. J. Jürjens, Secure Systems Development with UML: Springer-Verlag, 2004.
4. T. Lodderstedt, D. Basin, and J. r. Doser, "SecureUML: A UML-Based Modeling Language for Model-Driven Security," Dresden, Germany, pp. 426-441, 2002.
5. R. Breu, K. Burger, M. Hafner, J. Jürjens, G. Popp, V. Lotz, and G.Wimmel, "Key issues of a formally based process model for security engineering," presented at International Conference on Software and Systems Engineering and their Applications, 2003.
6. C. B. Haley, J. D. Moffet, R. Laney, and B. Nuseibeh, "A framework for security requirements engineering," presented at Software Engineering for Secure Systems Workshop, Shangai, China, pp. 35-42, 2006.
7. H. Mouratidis and P. Giorgini, Integrating Security and Software Engineering: Advances and Future Vision: IGI Global, 2006.
8. C. Artelsmair and R. Wagner, "Towards a Security Engineering Process," presented at The 7th World Multiconference on Systemics, Cybernetics and Informatics, Orlando, Florida, USA, 2003.
9. D. Basin, J. Doser, and T. Lodderstedt, "Model driven security for process-oriented systems," presented at ACM Symposium on Access Control Models and Technologies, Como, Italy, pp. 100-109, 2003.
10. I. Foster and C. Kesselman, The Grid2: Blueprint for a Future Computing Infrastructure. San Francisco, CA: Morgan Kaufmann Publishers; 2 edition, 2004.
11. I. Foster, C. Kesselman, G. Tsudik, and S. Tuecke, "A Security Architecture for Computational Grids," presented at 5th Conference on Computer and Communications Security, San Francisco, USA, pp. 83-92, 1998.
12. D. Bruneo, M. Scarpa, A. Zaia, and A. Puliafito, "Communication paradigms for mobile grid users," presented at 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID'03). pp. 669-676, 2003.
13. A. Litke, D. Skoutas, and T. Varvarigou, "Mobile Grid Computing: Changes and Challenges of Resourse Management in a Mobile Grid Environment," presented at 5th International Conference on Practical Aspects of Knowledge Management (PAKM 2004), 2004.
14. T. Guan, E. Zaluska, and D. D. Roure, "A Grid Service Infrastructure for Mobile Devices," presented at First International Conference on Semantics, Knowledge, an Grid (SKG 2005), Beijing, China, 2005.
15. H. Jameel, U. Kalim, A. Sajjad, S. Lee, and T. Jeon, "Mobile-To-Grid Middleware: Bridging the gap between mobile and Grid environments," presented at European Grid Conference EGC 2005, Amsterdam, The Netherlands, pp. 932-941, 2005.
16. S.-M. Park, Y.-B. Ko, and J.-H. Kim, "Disconnected Operation Service in Mobile Grid Computing," presented at International Conference on Service Oriented Computing (ICSOC'2003), Trento, Italy, 2003.
17. M. Humphrey, M. R. Thompson, and K. R. Jackson, "Security for Grids," Lawrence Berkeley National Laboratory. Paper LBNL-54853, 2005.
18. A. Chakrabarti, A. Damodaran, and S. Sengupta, "Grid Computing Security: A Taxonomy," IEEE Security & Privacy, vol. 6 (1), pp. 44-51, 2008.
19. P. G. Bradford, B. M. Grizzell, G. T. Jay, and J. T. Jenkins, "Cap. 4. Pragmatic Security for Constrained Wireless Networks," in Security in Distributed, Grid, Mobile, and Pervasive Computing, A. Publications, Ed. The University of Alabama, Tuscaloosa, USA, pp. 440, 2007.
20. H. Dail, O. Sievert, F. Berman, H. Casanova, A. YarKhan, S. Vadhiyar, J. Dongarra, C. Liu, L. Yang, D. Angulo, and I. Foster, "Scheduling In The Grid Application Development Software Project," in Grid resource management:state of the art and future trends, pp. 73-98, 2004.
21. D. C. Schmidt, "Model-Driven Engineering," IEEE Computer, vol. 39 (2), 2006.
22. P. Kruchten, The Rational Unified Process: An Introduction, 2nd ed: Addison-Wesley, 2000.
23. I. Jacobson, G. Booch, and J. Rumbaugh, The Unified Software Development Process: Addison-Wesley Professional, 1999.
24. I. Flechais, M. A. Sasse, and S. M. V. Hailes, "Bringing Security Home: A process for developing secure and usable systems," presented at Nwe Security Paradigms Workshop (NSPW'03), Ascona, Switzerland, 2003.
25. J. Jurjens, "Towards Development of Secure Systems Using UMLsec," presented at Fundamental Approaches to Software Engineering (FASE/ETAPS), 2001.
26. J. Jurjens, "UMLsec: Extending UML for Secure Systems Development," presented at 5th International Conference on the Unified Modeling Language (UML), Dresden, Germany, pp. 1-9, 2002.
27. C. Steel, R. Nagappan, and R. Lai, "Chapter 8.The Alchemy of Security Design Methodology, Patterns, and Reality Checks," in Core Security Patterns:Best Practices and Strategies for J2EE™, Web Services, and Identity Management: Prentice Hall PTR/Sun Micros, pp. 1088, 2005.
28. G. Popp, J. Jürjens, G. Wimmel, and R. Breu, "Security-Critical System Development with Extended Use Cases," presented at Tenth Asia-Pacific Software Engineering Conference (APSEC'03), 2003.
29. D. Chu and M. Humphrey, "Mobile osgi.net: Grid computing on mobile devices," presented at 5th IEEE/ACM International Workshop on Grid Computing -Grid2004 (at Supercomputing 2004), 2004.
30. L. Kwok-Yan, Z. Xi-Bin, C. Siu-Leung, M. Gu, and S. Jia-Guang, "Enhancing Grid Security Infrastructure to Support Mobile Computing Nodes," Lecture Notes in Computer Science, vol. 2908/2003 (pp. 42-54, 2004.
31. T. Phan, L. Huang, and C. Dulan, "Challenge: Integrating Mobile Wireless Devices Into the Computational Grid," presented at 8th annual international conference on Mobile computing and networking (MobiCom'02), Atlanta, Georgia, USA, pp. 271-278, 2002.
32. B. a. M. H. Clarke, "Beyond the 'Device as Portal': Meeting the Requirements of Wireless and Mobile Devices in the Legion Grid Computing System,"" presented at Parallel and Distributed Computing Issues in Wireless Networks and Mobile Computing at the International Parallel and Distributed Processing Symposium., 2002.
33. D. G. Rosado, E. Fernández-Medina, J. López, and M. Piattini, "PSecGCM: Process for the development of Secure Grid Computing based Systems with Mobile devices," presented at International Conference on Availability, Reliability and Security (ARES'08), Barcelona, Spain, pp. 136-142, 2008.
34. D. G. Rosado, E. Fernández-Medina, J. López, and M. Piattini, "Engineering Process Based On Grid Use Cases For Mobile Grid Systems," presented at The Third International Conference on Software and Data Technologies- ICSOFT 2008, Porto, Portugal, pp. 146-151, 2008.
35. D. G. Rosado, E. Fernández-Medina, and J. López, "Obtaining Security Requirements for a Mobile Grid System," International Journal of Grid and High Performance Computing, pp. (to be published in April 1, 2009), 2008.
36. OMG, "Software & Systems Process Engineering Meta-Model Specification (SPEM) 2.0," 2008.
37. G. Sindre and A. L. Opdahl, "Capturing Security Requirements by Misuse Cases," presented at 14th Norwegian Informatics Conference (NIK'2001), Tromsø, Norway, 2001.
38. L. Røstad, "An extended misuse case notation: Including vulnerabilities and the insider threat," presented at XII Working Conference on Requirements Engineering: Foundation for Software Quality, Luxembourg, 2006.