REFEREE: trust management for Web applications
Selected papers from the sixth international conference on World Wide Web
Trust requirements in e-business
Communications of the ACM
"Trust me, I'm an online vendor": towards a model of trust for e-commerce system design
CHI '00 Extended Abstracts on Human Factors in Computing Systems
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
The coras approach for model-based risk management applied to e-commerce domain
Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security: Advanced Communications and Multimedia Security
I3E '02 Proceedings of the IFIP Conference on Towards The Knowledge Society: E-Commerce, E-Business, E-Government
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
A survey of trust and reputation systems for online service provision
Decision Support Systems
Why timed sequence diagrams require three-event semantics
SMTT'03 Proceedings of the 2003 international conference on Scenarios: models, Transformations and Tools
UMLtrust: towards developing trust-aware software
Proceedings of the 2008 ACM symposium on Applied computing
Towards legal privacy risk assessment and specification
TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
The CORAS tool for security risk analysis
iTrust'05 Proceedings of the Third international conference on Trust Management
Hi-index | 0.00 |
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. These experiences are summarised in the form of requirements to a more expressive language providing specific support for the legal domain. (2) Its second main contribution is to present ideas towards the fulfilment of these requirements. More specifically, it extends the CORAS conceptual model for security risk analysis with legal concepts and associations. Moreover, based on this extended conceptual model, it introduces a number of promising language constructs addressing some of the identified deficiencies.