Computer-aided Support for Secure Tropos
Automated Software Engineering
A Model for New Zealand's Identity Verification Service
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Science of Computer Programming
Conceptual Modeling: Foundations and Applications
Journal of Systems and Software
No purpose, no data: goal-oriented access control forambient assisted living
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
GoCoMM: a governance and compliance maturity model
Proceedings of the first ACM workshop on Information security governance
Service level agreements: web services and security
ICWE'07 Proceedings of the 7th international conference on Web engineering
RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
Infringo ergo sum: when will software engineering support infringements?
Proceedings of the FSE/SDP workshop on Future of software engineering research
Electronic Commerce Research
Deriving business processes with service level agreements from early requirements
Journal of Systems and Software
Modeling design patterns with description logics: a case study
CAiSE'11 Proceedings of the 23rd international conference on Advanced information systems engineering
A method for security governance, risk, and compliance (GRC): a goal-process approach
Foundations of security analysis and design VI
An iterative process for component-based software development centered on agents
Transactions on computational collective intelligence V
Orchestrating security and system engineering for evolving systems
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Sociotechnical trust: an architectural approach
ER'11 Proceedings of the 30th international conference on Conceptual modeling
Investigating Goal-Oriented Requirements Engineering for Business Processes
Journal of Database Management
Trust-based specification of sociotechnical systems
Data & Knowledge Engineering
Hi-index | 0.00 |
A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust management policies is still an open problem. This paper proposes a set of concepts founded on the notions of ownership, permission, and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented software engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.