Goal-directed requirements acquisition
6IWSSD Selected Papers of the Sixth International Workshop on Software Specification and Design
Software Architecture in Practice
Software Architecture in Practice
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Communications of the ACM - Privacy and security in highly dynamic systems
Model-based security analysis in seven steps --- a guided tour to the CORAS method
BT Technology Journal
Providing Support for Model Composition in Metamodels
EDOC '07 Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference
On the security of public key protocols
SFCS '81 Proceedings of the 22nd Annual Symposium on Foundations of Computer Science
Model-Driven Security in Practice: An Industrial Experience
ECMDA-FA '08 Proceedings of the 4th European conference on Model Driven Architecture: Foundations and Applications
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
An Aspect-Oriented and Model-Driven Approach for Managing Dynamic Variability
MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
A programming model for concurrent object-oriented programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Security services architecture for Secure Mobile Grid Systems
Journal of Systems Architecture: the EUROMICRO Journal
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Survey: Usage control in computer security: A survey
Computer Science Review
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
An expressive aspect composition language for UML state diagrams
MODELS'07 Proceedings of the 10th international conference on Model Driven Engineering Languages and Systems
| Hi-index | 0.00 |
In this paper we analyze the need and the opportunity for establishing a discipline for engineering secure Future Internet Services, typically based on research in the areas of software engineering, of service engineering and security engineering. Generic solutions that ignore the characteristics of Future Internet services will fail, yet it seems obvious to build on best practices and results that have emerged from various research communities. The paper sketches various lines of research and strands within each line to illustrate the needs and to sketch a community wide research plan. It will be essential to integrate various activities that need to be addressed in the scope of secure service engineering into comprehensive software and service life cycle support. Such a life cycle support must deliver assurance to the stakeholders and enable risk and cost management for the business stakeholders in particular. The paper should be considered a call for contribution to any researcher in the related sub domains in order to jointly enable the security and trustworthiness of Future Internet services.