Aligning service-oriented architectures with security requirements

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7565 LNCS, Issue PART 1, 2012, Pages 232-249

  Salnitri, Mattia ^a   Dalpiaz, Fabiano ^a   Giorgini, Paolo ^a  

^a UNIVERSITY OF TRENTO   (Italy)

Author keywords

alignment; evolution; security requirements; SOA

Indexed keywords

E-GOVERNMENT; EVOLUTION; NON-COMPLIANCE; NON-REPUDIATION; ON-THE-FLY; PRIVACY VIOLATION; SECURITY REQUIREMENTS; SERVICE ORIENTED; SOA; SYSTEM ARCHITECTURES; SYSTEM DEPLOYMENT; SYSTEMS EVOLUTION;

ALIGNMENT; INTERNET; SERVICE ORIENTED ARCHITECTURE (SOA); SOFTWARE ENGINEERING;

INFORMATION SERVICES;

EID: 84872768719     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-33606-5_15     Document Type: Conference Paper

References (24)

1. Barais, O., Le Meur, A.F., Duchien, L., Lawall, J.: Software Architecture Evolution. In: Mens, T., Demeyer, S. (eds.) Software Evolution. LNCS, pp. 233-262. Springer, Heidelberg (2008)
2. Bastos, L.R.D., Castro, J.F.B.: Systematic Integration Between Requirements and Architecture. In: Choren, R., Garcia, A., Lucena, C., Romanovsky, A. (eds.) SELMAS 2004. LNCS, vol. 3390, pp. 85-103. Springer, Heidelberg (2005)
3. Casati, F., Ilnicki, S., Jin, L., Krishnamoorthy, V., Shan, M.-C.: Adaptive and Dynamic Service Composition in eFlow. In: Wangler, B., Bergman, L.D. (eds.) CAiSE 2000. LNCS, vol. 1789, pp. 13-31. Springer, Heidelberg (2000)
4. Crook, R., Ince, D., Lin, L., Nuseibeh, B.: Security Requirements Engineering: When Anti-Requirements Hit the Fan. In: Proc. of RE 2002, pp. 203-205. IEEE (2002)
5. Dalpiaz, F., Paja, E., Giorgini, P.: Security Requirements Engineering via Commitments. In: Proc. of STAST 2011 (2011)
6. Garg, A., Curtis, J., Halper, H.: Quantifying the Financial Impact of IT Security Breaches. Information Management & Computer Security 11(2), 74-83 (2003)
7. Ghanavati, S., Amyot, D., Peyton, L.: Compliance Analysis Based on a Goaloriented Requirement Language Evaluation Methodology. In: Proc. of RE 2009, pp. 133-142 (2009)
8. Ghose, A., Koliadis, G.: Auditing Business Process Compliance. In: Krämer, B.J., Lin, K.-J., Narasimhan, P. (eds.) ICSOC 2007. LNCS, vol. 4749, pp. 169-180.
9. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling Security Requirements through Ownership, Permission and Delegation. In: Proc. of RE 2005, pp. 167-176. IEEE (2005)
10. Hall, J.G., Jackson, M., Laney, R.C., Nuseibeh, B., Rapanotti, L.: Relating Software Requirements and Architectures using Problem Frames. In: Proc. of RE 2002, pp. 137-144. IEEE (2002)
11. Harker, S.D.P., Eason, K.D., Dobson, J.E.: The Change and Evolution of Requirements as a Challenge to the Practice of Software Engineering. In: Proc. of RE 1993, pp. 266-272. IEEE (1993)
12. Julisch, K.: Security Compliance: the Next Frontier in Security Research. In: Proc. of the 2008 Workshop on New Security Paradigms, pp. 71-74. ACM (2008)
13. Liu, Y., Müller, S., Xu, K.: A Static Compliance-Checking Framework for Business Process Models. IBM Systems Journal 46(2), 335-361 (2007)
14. McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: Proc. of ACSAC 1999, pp. 55-64. IEEE (1999)
15. Mouratidis, H., Giorgini, P.: Secure Tropos: A Security-Oriented Extension of the Tropos methodology. International Journal of Software Engineering and Knowledge Engineering 17(2), 285-309 (2007)
16. Nuseibeh, B.: Weaving together requirements and architectures. Computer 34(3), 115-119 (2001)
17. Nuseibeh, B., Easterbrook, S.: Requirements Engineering: a Roadmap. In: Proc. of FOSE 2000, pp. 35-46. ACM (2000)
18. Rodríguez, A., Fernández-Medina, E., Piattini, M.: A BPMN Extension for the Modeling of Security requirements in Business Processes. IEICE Transactions on Information and Systems 90(4), 745-752 (2007)
19. Sindre, G., Opdahl, A.L.: Eliciting Security Requirements with Misuse Cases. Requirements Engineering 10(1), 34-44 (2005)
20. Singh, M.P.: An Ontology for Commitments in Multiagent Systems: Toward a Unification of Normative Concepts. Artificial Intelligence and Law 7(1), 97-113 (1999)
21. Siponen, M., Pahnila, S., Adam Mahmood, M.: Compliance with Information Security Policies: An Empirical Investigation. Computer 43, 64-71 (2010)
22. van Lamsweerde, A.: Requirements Engineering in the Year 2000: A Research Perspective. In: Proc. of ICSE 2000, pp. 5-19 (2000)
23. van Lamsweerde, A.: From System Goals to Software Architecture. In: Bernardo, M., Inverardi, P. (eds.) SFM 2003. LNCS, vol. 2804, pp. 25-43. Springer, Heidelberg (2003)
24. van Lamsweerde, A.: Elaborating Security Requirements by Construction of Intentional Anti-Models. In: Proc. of ICSE 2004, pp. 148-157. IEEE (2004)