An ontology for secure socio-technical systems

Handbook of Ontologies for Business Interaction

Volumn , Issue , 2007, Pages 188-206

  Massacci, Fabio ^a   Mylopoulos, John ^a   Zannone, Nicola ^a  

^a UNIVERSITY OF TRENTO   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84898314703     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.4018/978-1-59904-660-0.ch011     Document Type: Chapter

References (36)

1. AMICE Consortium. (1993). Open system architecture for CIM. Springer-Verlag.
2. Anderson, R. (1994). Why cryptosystems fail. Communication of the ACM, 37(11), 32-40.
3. Ashley, P., Hada, S., Karjoth, G., Powers, C., & Schunter, M. (2003). Enterprise privacy authorization language (EPAL 1.2). W3C Recommendation.
4. Axelrod, R. (1984). The evolution of cooperation. Basic Books.
5. Basin, D., Doser, J., & Lodderstedt, T. (2006). Model driven security: From UML models to access control infrastructures. ACM Transactions on Software Engineering and Methodology, 15(1), 39-91.
6. Bernus, P., & Nemes, L. (1996). A framework to define a generic enterprise reference architecture and methodology. Computer Integrated Manufacturing Systems, 9(3), 179-191.
7. Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., & Perini, A. (2004). TROPOS: An agent-oriented software development methodology. Autonomous Agents and Multi-Agent Systems, 8(3), 203-236.
8. Bryce, M., & Associates. (2006). PRIDE-EEM enterprise engineering methodology. Retrieved June 15, 2007, from http://www.phmainstreet.com/mba/pride/eemeth.htm
9. Castelfranchi, C., & Falcone, R. (1998). Principles of trust for MAS: Cognitive anatomy, social importance, and quantification. In International Conference on Multi-Agent Systems (pp. 72-79). IEEE Press.
10. Chung, L.K., Nixon, B.A., Yu, E., & Mylopoulos, J. (2000). Non-functional requirements in software engineering. Kluwer Publishing.
11. Cranor, L., Langheinrich, M., Marchiori, M., & Reagle, J. (2002). The platform for privacy preferences 1.0 (P3P1.0) Specification. W3C Recommendation.
12. Dardenne, A., van Lamsweerde, A., & Fickas, S. (1993). Goal-directed requirements acquisition. Science of Computer Programming, 20, 3-50.
13. Dignum, V. (2004). A model for organizational interaction: Based on agents, founded in logic. PhD thesis, Universiteit Utrecht.
14. Emery, F.E., & Trist E.L. (1960). Socio-technical systems. In Management Sciences: Models and Techniques, Vol. 2 (pp. 83-97). Pergamon Press.
15. Giorgini, P., Massacci, F., Mylopoulos, J., & Zannone, N. (2006). Requirements engineering for trust management: Model, methodology, and reasoning. International Journal of Information Security, 5(4), 257-274.
16. Giorgini, P., Massacci, F., & Zannone, N. (2005). Security and trust requirements engineering. In FOSAD III, LNCS 3655 (pp. 237-272). Springer.
17. House of Lords. (1999). Prince Jefri Bolkiah vs. KPMG. 1 All ER 517. Retrieved June 15, 2007, from www.parliament.the-stationeryoffice.co.uk
18. Hübner, J.F., Sichman, J.S., & Boissier, O. (2002). A model for the structural, functional, and deontic specification of organizations in multiagent Systems. In Brazilian symposium on artificial intelligence (pp. 118-128). Springer.
19. Jürjens, J. (2004). Secure systems development with UML. Springer-Verlag.
20. Lampson, B.W. (2004). Computer security in the real world. Computer, 37(6), 37-46.
21. Leone, N., Pfeifer, G., Faber, W., Eiter, T., Gottlob, G., Perri, S., et al. (2006). The DLV system for knowledge representation and reasoning. ACM Transactions on Computational Logic, 7(3), 499-562.
22. Liu, L., Yu, E.S.K., & Mylopoulos, J. (2003). Security and privacy requirements analysis within a social setting. In IEEE International Requirements Engineering Conference (pp. 151-161). IEEE Press.
23. Masolo, C., Vieu, L., Bottazzi, E., Catenacci, C., Ferrario, R., Gangemi, A. et al. (2004). Social roles and their descriptions. In Conference on the Principles of Knowledge Representation and Reasoning (pp. 267-277). AAAI Press.
24. Massacci, F., Prest, M., & Zannone, N. (2005). Using a security requirements engineering methodology in practice: The compliance with the Italian data protection legislation. Computer Standards & Interfaces, 27(5), 445-455.
25. Massacci, F., & Zannone, N. (2006). Detecting conflicts between functional and security requirements with secure tropos: John Rusnak and the Allied Irish Bank (Tech. Rep. DIT-06-002). University of Trento.
26. Mayer, R.C., Davis, J.H., & Schoorman, F.D. (1995). An integrative model of organizational trust. Acad. Management Rev, 20(3), 709-734.
27. McDermott, J., & Fox, C. (1999). Using abuse case models for security requirements analysis. In Annual Computer Security Applications Conference (pp. 55-66). IEEE Press.
28. Michaely, R., & Womack, K.L. (1999). Conflict of interest and the credibility of underwriter analyst recommendations. Review of Financial Studies, 12(4), 653-686.
29. OASIS. (2005). eXtensible access control markup language (XACML) Version 2.0. OASIS Standard. Retrieved June 15, 2007, from http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-specos.pdf
30. Rousseau, D.M., Sitkin, S.B., Burt, R.S., & Camerer, C. (1998). Not so different after all: A cross-discipline view of trust. Acad. Management Rev., 23(3), 393-404.
31. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., & Youman, C.E. (1996). Role-based access control models. Computer, 29(2), 38-47.
32. Sindre, G., & Opdahl, A.L. (2005). Eliciting security requirements with misuse cases. Requirements Engineering Journal, 10(1), 34-44.
33. Sommerville, I. (2001). Software engineering. Addison-Wesley.
34. Stader, J. (1996). Results of the enterprise project (Tech. Rep. AIAI-TR-209). University of Edinburgh.
35. Uschold, M., King, M., Moralee, S., & Zorgios, Y. (1998). The enterprise ontology. Knowledge Engineering Review, 13(1), 31-89.
36. Yu, E. (1996). Modeling strategic relationships for process reengineering. PhD thesis, University of Toronto.