Identifying Conflicts in Security Requirements with STS-ml

Paja, Elda and Dalpiaz, Fabiano and Giorgini, Paolo (2012) Identifying Conflicts in Security Requirements with STS-ml. Trento : Università degli Studi di Trento. (Submitted)

This is the latest version of this item.

PDF - Full Text
Download (2671Kb) | Preview


    Requirements are conflicting when there exist no system that satisfies them all. Conflicts often originate from clashing needs of different stakeholders. Security requirements are no exception to the rule; moreover, their violation leads to severe consequences, such as privacy infringement, which, in many countries, implies burdensome monetary sanctions. In large (security) requirements models, conflicts are hard or impossible to identify manually. In these cases, automated reasoning is necessary. In this paper, we propose a reasoning framework to detect conflicting security requirements as well as conflicts between security requirements and business policies. Our framework formalises the STS-ml requirements modelling language for socio-technical systems. These systems consist of mutually interdependent humans, organisations, and software. In addition to presenting the framework, we apply the it to a case study about e-Government, and we report on promising scalability results of our implementation.

    Item Type: Departmental Technical Report
    FP7 Grant Agreement Number: info: eu-repo/grantAgreement/EC/FP7/257930 (Aniketos), info: eu-repo/grantAgreement/EC/FP7/256980 (NESSoS)
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA075 Electronic computers. Computer science
    Report Number: DISI-12-041
    Repository staff approval on: 15 Jan 2013 10:48

    Available Versions of this Item

    • Identifying Conflicts in Security Requirements with STS-ml. (deposited 15 Jan 2013 10:48)[Currently Displayed]

    Actions (login required)

    View Item