Sciweavers

IJISEC
2006

Requirements engineering for trust management: model, methodology, and reasoning

13 years 11 months ago
Requirements engineering for trust management: model, methodology, and reasoning
Abstract A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust management policies is still an open problem. This paper proposes a set of concepts founded on the notions of ownership, permission and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented software engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.
Paolo Giorgini, Fabio Massacci, John Mylopoulos, N
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2006
Where IJISEC
Authors Paolo Giorgini, Fabio Massacci, John Mylopoulos, Nicola Zannone
Comments (0)