Syntactic and semantic extensions to Secure Tropos to support security risk management

Journal of Universal Computer Science

Volumn 18, Issue 6, 2012, Pages 816-844

  Matulevičius, Raimundas ^a   Mouratidis, Haralambos ^b   Mayer, Nicolas ^c   Dubois, Eric ^c   Heymans, Patrick ^d  

^a UNIVERSITY OF TARTU   (Estonia)

^b UNIVERSITY OF EAST LONDON   (United Kingdom)

^c LUXEMBOURG INSTITUTE OF SCIENCE AND TECHNOLOGY   (Luxembourg)

^d UNIVERSITY OF NAMUR   (Belgium)

Author keywords

Information system; Risk management; Secure tropos; Security; Syntax and semantics of modelling language

Indexed keywords

EID: 84862645179     PISSN: 0958695X     EISSN: 09486968     Source Type: Journal    
DOI: None     Document Type: Article

References (49)

1. [Alberts and Dorofee, 2001] Alberts, C. J. and Dorofee, A. J. (2001). OCTAVE Method Implementation Guide Version 2.0. Carnegie Mellon University - Software Engineering Institute.
2. [Asnar and Giorgini, 2006] Asnar, Y. and Giorgini, P. (2006). Modelling Risk and Identifying Cuntermeasure in Organizations. In Proceedings of the 1st Interational Workshop on Critical Information Intrastructures Security, pages 55-66. Springer-Verlag Berlin Heidelberg.
3. [Asnar et al., 2008] Asnar, Y., Moretti, R., Sebastianis, M., and Zannone, N. (2008). Risk as Dependability Metrics for the Evaluation of Business Solutions: A Modeldriven Approach. In ARES, pages 1240-1247.
4. [AS/NZS 4360, 2004] AS/NZS 4360 (2004). Risk Management. SAI Global.
5. [Bresciani et al., 2004] Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., and Perini, A. (2004). TROPOS: an Agent-oriented Software Development Methodology. Journal of Autonomous Agents and Multi-Agent Systems, 8:203-236.
6. [Common Criteria, 2006] Common Criteria (2006). Common Criteria for Information Technology Security Evaluation version 3.1.
7. [D. Mellado, 2007] D. Mellado, E. Fernndez-Medina, M. (2007). A Common Criteria Based Security Requirements Engineering Process for the Development of Secure Information Systems. Computer Standards and Interfaces, 29:244-253.
8. [D. Mellado, 2010] D. Mellado, E. Fernndez-Medina, M. (2010). Security Requirements Engineering Framework for Software Product Lines. Information and Software Technology, 52:1094-1117.
9. [Elahi and Yu, 2007] Elahi, G. and Yu, E. (2007). A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs. In Parent, C., Schewe, K.-D., Storey, V. C., and Thalheim, B., editors, Proceedings of the 26th International Conference on Conceptual Modelling (ER 2007), volume 4801, pages 87-101. Springer-Verlag Berlin Heidelberg.
10. [Englebert and Heymans, 2007] Englebert, V. and Heymans, P. (2007). Towards More Extensible MetaCASE Tools. In Krogstie, J., Opdahl, A. L., and Sindre, G., editors, Proceedings of the 19th International Conference on Advanced Information Systems Engineering (CAiSE 2007), pages 454-468.
11. [Firesmith, 2007] Firesmith, D. (2007). Engineering Safety and Security Related Requirements for Software Intensive Systems. In Companion to the Proceedings of the 29th International Conference on Software Engineering (ICSE COMPANION'07), page 169. IEEE Computer Society.
12. [Gandhi and Lee, 2007] Gandhi, R. A. and Lee, S.-W. (2007). Discovering and Understanding Multi-dimensional Correlations among Certification Requirements with application to Risk Assessment. Requirements Engineering, IEEE International Conference on, 0:231-240.
13. [Haley et al., 2008] Haley, C., Laney, R., Moffett, J., and Nuseibeh, B. (2008). Security Requirements Engineering: A Framework for Representation and Analysis. IEEE Transactions on Software Engineering, 34(1):133-153.
14. [Insight Consulting, 2003] Insight Consulting (2003). CRAMM (CCTA Risk Analysis and Management Method) User Guide version 5.0. SIEMENS.
15. [ISO/IEC 13335-1, 2004] ISO/IEC 13335-1 (2004). Information Technology - Security Techniques - Management of Information and Communications Technology Security - Part 1: Concepts and Models for Information and Communications Technology Security Management. International Organisation for Standardisation.
16. [ISO/IEC 27000, 2009] ISO/IEC 27000 (2009). Overview and vocabulary, International Organisation for Standardisation. International Organisation for Standardisation.
17. [ISO/IEC 27001, 2005] ISO/IEC 27001 (2005). Information Technology-Security Techniques-Information Security Management Systems-Requirements, International Organisation for Standardisation.
18. [ISO/IEC Guide 73, 2002] ISO/IEC Guide 73 (2002). Risk management - Vocabulary - Guidelines for Use in Standards. International Organisation for Standardisation.
19. [Jurjens, 2002] Jurjens, J. (2002). UMLsec: Extending UML for Secure Systems Development. In Proceedings of the 5th International Conference on the Unified Modelling Language (UML'02), pages 412-425.
20. [Lin et al., 2004] Lin, L., Nuseibeh, B., Ince, D., and Jackson, M. (2004). Using Abuse Frames to Bound the Scope of Security Problems. In Proceedings of the 12th IEEE international Conference on Requirements Engineering (RE'04), pages 354-355. IEEE Computer Society.
21. [Liu et al., 2003] Liu, L., Yu, E., and Mylopoulos, J. (2003). Security and Privacy Requirements Analysis within a Social Setting. In Proceedings of the 11th IEEE International Requirements Engineering Conference (RE'03), page 151. IEEE Computer Society.
22. [Lodderstedt et al., 2002] Lodderstedt, T., Basin, D. A., and Doser, J. (2002). SecureUML: A UML-based Modeling Language for Model-driven Security. In Proceedings of the 5th International Conference on the Unified Modelling Language (UML'02), pages 426-441. Springer-Verlag.
23. [Matulevǐcius et al., 2008a] Matulevičius, R., Mayer, N., and Heymans, P. (2008a). Alignment of Misuse Cases with Security Risk Management. In Proceedings of the ARES 2008 Symposium on Requirements Engineering for Information Security (SREIS 2008), pages 1397-1404. IEEE Computer Society.
24. [Matulevǐcius et al., 2008b] Matulevičius, R., Mayer, N., Mouratidis, H., Dubois, E., Heymans, P., and Genon, N. (2008b). Adapting Secure Tropos for Security Risk Management during Early Phases of the Information Systems Development. In Proceedings of the 20th International Conference on Advanced Information System Engineering (CAiSE 2008). Springer-Verlag Berlin Heidelberg.
25. [Mayer, 2009] Mayer, N. (2009). Model-Based Management of Information System Security Risk. PhD thesis, University of Namur, Namur, Belgium.
26. [Mayer et al., 2007] Mayer, N., Heymans, P., and Matulevǐcius, R. (2007). Design of a Modelling Language for Information System Security Risk Management. In Proceedings of the 1st International Conference on Research Challenges in Information Science (RCIS 2007), pages 121-131.
27. [McDermott and Fox, 1999] McDermott, J. and Fox, C. (1999). Using Abuse Case Models for Security Requirements Analysis. In Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC'99), page 55.
28. [Moody, 2002] Moody, D. L. (2002). Complexity Effects on End User Understanding of Data Models: an Experimental Comparison of Large Data Model Represetation Mehods. In Proceedings of the 10th European Conferece on Information Systems (ECIS'2002).
29. [Moody, 2009] Moody, D. L. (2009). The "Physics" of Notations: Toward a Scientific Basis for Constructing Visual Notations in Software Engineering. IEEE Transactions on Software Engineering, 35(6):756-777.
30. [Mouratidis, 2004] Mouratidis, H. (2004). A Security Oriented Approach in the Development of Multiagent Systems: Applied to the Management of the Health and Social Care Needs of Older People In England. PhD thesis, Department of Computer Science, University of Sheffield, UK.
31. [Mouratidis and Giorgini, 2004] Mouratidis, H. and Giorgini, P. (2004). Enhancing Secure TROPOS to Effectively Deal with Security Requirements in the Development of Multiagent Systems. In Proceedings of the 1st International Workshop on Safety and Security in Multiagent Systems (AAMAS 2004).
32. [Mouratidis and Giorgini, 2007a] Mouratidis, H. and Giorgini, P. (2007a). Secure Tropos: A Security-oriented Extension of the Tropos Methodology. International Journal of Software Engineering and Knowledge Engineering (IJSEKE), 17(2):285-309.
33. [Mouratidis and Giorgini, 2007b] Mouratidis, H. and Giorgini, P. (2007b). Security Attack Testing (SAT) - Testing the Security of Information Systems at Design Time. Information Systems, 32(8):1166-1183.
34. [Mouratidis et al., 2002a] Mouratidis, H., Giorgini, P., Gordon, M., and Philp, I. (2002a). A Natural Extension of Tropos Methodology for Modelling Security. In Proceedings of the Agent Oriented Methodologies Workshop (OOPSLA 2002).
35. [Mouratidis et al., 2002b] Mouratidis, H., Giorgini, P., and Manson, G. (2002b). Using Tropos Methodology to Model an Integrated Health Assessment System. In Proceedings of the Fourth International Bi-Conference on Agent-oriented Information Systems (AOIS'02).
36. [Mouratidis et al., 2003a] Mouratidis, H., Giorgini, P., and Manson, G. (2003a). Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems. In Proceedings of the 15th Conference On Advanced Information Systems Engineering (CAiSE'03), pages 63-78. Springer-Verlag.
37. [Mouratidis et al., 2004] Mouratidis, H., Giorgini, P., and Manson, G. A. (2004). Using Security Attacks Scenarios to Analyse Security during Information Systems Design. In Proceedings of the 6th International Conference on Enterprise Information Systems 2004 (ICEIS'04).
38. [Mouratidis et al., 2005] Mouratidis, H., Giorgini, P., and Manson, G. A. (2005). When Security Meets Software Engineering: a Case of Modelling Secure Information Systems. Information Systems, 30(8):609-629.
39. [Mouratidis et al., 2006] Mouratidis, H., Jurjens, J., and Fox, J. (2006). Towards a Comprehensive Framework for Secure Systems Development. In Dubois, E. and Pohl, K., editors, Proceedings of the 18th International Conference on Advanced Information Systems Engineering (CAiSE'06), pages 48-62. Springer-Verlag.
40. [Mouratidis et al., 2003b] Mouratidis, H., Philp, I., and Manson, G. (2003b). A Novel Agent-Based System to Support the Single Assessment Process of Older People. Journal of Health Informatics, 9(3):149-162.
41. [Object Management Group (OMG), 2004] Object Management Group (OMG) (2004). Unified Modeling Language: Superstructure, version 2.0.
42. [OMG, 2008] OMG (2008). Business Process Modeling Notation, v1.1. OMG Available Specification.
43. [Opdahl and Henderson-Sellers, 2005] Opdahl, A. L. and Henderson-Sellers, B. (2005). A Unified Modelling Language without Referential Redundancy. Data and Knowledge Engineering (DKE). Special Issue on Quality in Conceptual Modelling, (277-300).
44. [Sindre, 2007] Sindre, G. (2007). Mal-activity Diagrams for Capturing Attacks on Business Processes. In Proceedings of the Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ 2007), pages 355-366. Springer- Verlag Berlin Heidelberg.
45. [Sindre and Opdahl, 2005] Sindre, G. and Opdahl, A. L. (2005). Eliciting Security Requirements with Misuse Cases. Requirements Engineering Journal, 10(1):34-44.
46. [van Lamsweerde, 2001] van Lamsweerde, A. (2001). Goal-Oriented Requirements Engineering: A Guided Tour. In Proceedings of the 5th IEEE International Conference on Requirements Engineering (RE'01), page 249, Washington, DC, USA. IEEE Computer Society.
47. [van Lamsweerde, 2004] van Lamsweerde, A. (2004). Elaborating Security Requirements by Construction of Intentional Anti-models. In Proceedings of the 26th International Conference on Software Engineering (ICSE'04), pages 148-157. IEEE Computer Society.
48. [Vraalsen et al., 2007] Vraalsen, F., Mahler, T., Lund, M. S., Hogganvik, I., den Braber, F., and Stølen, K. (2007). Assessing enterprise risk level: The CORAS approach. In Khadraoui, D. and Herrmann, F., editors, Advances in Enterprise Information Technology Security, pages 311-333. Idea group.
49. [Yu, 1997] Yu, E. (1997). Towards Modeling and Reasoning Support for Early-phase Requirements Engineering. In Proceedings of the 3rd IEEE International Symposium on Requirements Engineering (RE'97), page 226. IEEE Computer Society.