Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development

Authors:
Raimundas Matulevičius;Nicolas Mayer;Haralambos Mouratidis;Eric Dubois;Patrick Heymans;Nicolas Genon
Affiliations:
PReCISE, Computer Science Faculty, University of Namur, Belgium;PReCISE, Computer Science Faculty, University of Namur, Belgium and CRP Henri Tudor - CITI, Luxembourg;School of Computing and Technology, University of East London, UK;CRP Henri Tudor - CITI, Luxembourg;PReCISE, Computer Science Faculty, University of Namur, Belgium;PReCISE, Computer Science Faculty, University of Namur, Belgium
Venue:
CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
Year:
2008

Citing 18
Cited 11

Handling Obstacles in Goal-Oriented Requirements Engineering

IEEE Transactions on Software Engineering - special section on current trends in exception handling—part II
Towards requirements-driven information systems engineering: the Tropos project

Information Systems - The 13th international conference on advanced information systems engineering (CAiSE*01)
SecureUML: A UML-Based Modeling Language for Model-Driven Security

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
UMLsec: Extending UML for Secure Systems Development

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Using Abuse Case Models for Security Requirements Analysis

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Tropos: An Agent-Oriented Software Development Methodology

Autonomous Agents and Multi-Agent Systems
Elaborating Security Requirements by Construction of Intentional Anti-Models

Proceedings of the 26th International Conference on Software Engineering
Using Abuse Frames to Bound the Scope of Security Problems

RE '04 Proceedings of the Requirements Engineering Conference, 12th IEEE International
Eliciting security requirements with misuse cases

Requirements Engineering
Modeling Security Requirements Through Ownership, Permission and Delegation

RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Alignment of Misuse Cases with Security Risk Management

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
When security meets software engineering: a case of modelling secure information systems

Information Systems
Integrating security and systems engineering: towards the modelling of secure information systems

CAiSE'03 Proceedings of the 15th international conference on Advanced information systems engineering
Mal-activity diagrams for capturing attacks on business processes

REFSQ'07 Proceedings of the 13th international working conference on Requirements engineering: foundation for software quality
A goal oriented approach for modeling and analyzing security trade-offs

ER'07 Proceedings of the 26th international conference on Conceptual modeling
Modelling risk and identifying countermeasure in organizations

CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Towards a comprehensive framework for secure systems development

CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Modeling social and individual trust in requirements engineering methodologies

iTrust'05 Proceedings of the Third international conference on Trust Management

Social Modeling and i*

Conceptual Modeling: Foundations and Applications
A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations

ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
Towards a decision model based on trust and security risk management

AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Using special use cases for security in the software development life cycle

WISA'10 Proceedings of the 11th international conference on Information security applications
Towards transformation guidelines from secure tropos to misuse cases (position paper)

Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Towards legal privacy risk assessment and specification

TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
Aligning mal-activity diagrams and security risk management for security requirements definitions

REFSQ'12 Proceedings of the 18th international conference on Requirements Engineering: foundation for software quality
A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements

International Journal of Information Security and Privacy
Comparing Misuse Case and Mal-Activity Diagrams for Modelling Social Engineering Attacks

International Journal of Secure Software Engineering
Countermeasure graphs for software security risk assessment: An action research

Journal of Systems and Software
Comparing attack trees and misuse cases in an industrial setting

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security is a major target for today's information systems (IS) designers. Security modelling languages exist to reason on security in the early phases of IS development, when the most crucial design decisions are made. Reasoning on security involves analysing risk, and effectively communicating risk-related information. However, we think that current languages can be improved in this respect. In this paper, we discuss this issue for Secure Tropos, the language supporting the eponymous agent-based IS development. We analyse it and suggest improvements in the light of an existing reference model for IS security risk management. This allows for checking Secure Tropos concepts and terminology against those of current risk management standards, thereby improving the conceptual appropriateness of the language. The paper follows a running example, called eSAP, located in the healthcare domain.