Security Requirements Engineering via Commitments

Dalpiaz, Fabiano and Paja, Elda and Giorgini, Paolo (2011) Security Requirements Engineering via Commitments. UNSPECIFIED.

Download (503Kb) | Preview


    Security Requirements Engineering (SRE) is concerned with the identification of security needs and the specification of security requirements of the system-to-be. Mainstream approaches to SRE either focus on technical security mechanisms or suggest high-level organizational abstractions that are hard to map to the actual design. Social commitments are a simple yet powerful abstraction to model social interactions and can be used effectively to specify security requirements. In this paper, we build on our previous work proposing a novel goal-oriented modelling language called SecCo—Security via Commitments—where the concept of social commitment between social and technical actors is adopted to specify security requirements. Commitments enable the development of robust applications, wherein security needs are satisfied by assigning contractual validity to interactions.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA076 Computer software
    Uncontrolled Keywords: Security requirements; Goal models; Commitments
    Report Number: DISI-11-469
    Repository staff approval on: 05 Aug 2011

    Actions (login required)

    View Item