SREIS 2008
Symposium on Requirements Engineering for Information Security
Workshop co-located with ARES 2008

Barcelona, Spain, March 4th-7th, 2008


List of Accepted Papers

Title: Modelling Security Properties in a Grid-based Operating System with Anti-Goals
Author(s): Alvaro Arenas, Benjamin Aziz, Juan Bicarregui, Brian Matthews, Erica Y. Yang
Abstract: In this paper, we discuss the use of formal requirements-engineering techniques in capturing security requirements for a Grid-based operating system. We use the KAOS goal model to represent two security goals of interest to Grid systems, namely authorisation and single sign-on authentication. We apply goal-refinement to derive security requirements for these two security goals. Then, we develop a model of anti-goals, and show how system vulnerabilities and threats to the security goals can arise from such anti-models.
Title: Alignment of Misuse Cases with Security Risk Management
Author(s): Raimundas Matulevicius, Nicolas Mayer, Patrick Heymans
Abstract: It is recognised that security has to be addressed through the whole system development process. However current practices address security only in late stages, i.e., development or maintenance. Due to the success of UML use cases, misuse cases have been accepted by industry as a means to tackle security. However misuse cases, firstly, lack a precise application process, secondly, are too general which results in under-definition or misinterpretation of their concepts. In this paper we examine misuse cases in the light of a reference model for information system security risk management (ISSRM). Using the well-known Meeting Scheduler example we show how misuse cases can be used to follow a security risk management process. Next we check the misuse case ontology according to the concepts found in current risk management standards. The paper suggests improvements for the conceptual appropriateness of misuse cases for the security risk domain.
Title: Security Requirements Variability for Software Product Lines
Author(s): Daniel Mellado, Eduardo Fernandez-Medina, Mario Piattini
Abstract: Software product line engineering has proven to be one of the most successful paradigms for developing a diversity of similar software applications and software-intensive systems at low costs, in short time, and with high quality, by exploiting commonalities and variabilities among products to achieve high levels of reuse. At the same time, due to the complexity and extensive nature of product line development, security and requirements engineering are critical success factors in the development of a software product line. However, most of the current product line practices in requirements engineering do not adequately address the security requirements engineering area. Therefore, in this paper we will propose a security requirements decision model driven by security standards along with a security variability model to manage the variability of the security requirements related artefacts. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate the conformance to the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408.
Title: Transforming security requirements into architecture
Author(s): Koen Yskout, Riccardo Scandariato, Bart De Win, Wouter Joosen
Abstract: Automation is a very promising technique to reduce the chances of flaws happening downstream the software production line. In this context, a very challenging problem is the transformation of requirements to software architectures. The challenge is even more crucial for quality requirements, as they represent the main driver of an architecture. This paper is an initial attempt to provide an approach that supports the transition from requirements to architecture for software security: a quality of ever growing importance in today's world.
Title: Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements
Author(s): Riham Hassan, Shawn Bohner, Sherif El-Kassas, Mohamed Eltoweissy
Abstract: This paper proposes a requirements-driven security engineering approach for analyzing application-specific security requirements that are formally derived into security design preserving security requirements properties. The approach adopts the KAOS framework to formally construct a complete and consistent security requirements model that is extended using the B method to produce security design and further implementation while preserving requirements properties. This unique treatment of secure software engineering is systematic, constructive and considers security early in development.
Title: Annotating Regulations Using Cerno: an Application to Italian Documents
Author(s): Nicola Zeni, Nadzeya Kiyavitskaya, James R. Cordy, Luisa Mich, John Mylopoulos
Abstract: The increasing complexity of software systems and growing demand for regulations compliance require effective methods and tools to support requirements analysts' activities. Internationalization of information systems due to both economics and Web based architectures calls for the application of regulations written in different languages. Thus far existing approaches for extracting rights and obligations have concentrated on English documents. In this paper, we describe the results of the application of Cerno, a lightweight framework for semantic annotation, to legal documents written in Italian. In addition, we investigate critical issues for semantic annotation tools in a different cultural and environmental context. Results obtained, while preliminary, allow us to quantify the effort needed to port tools based on Cerno and give some insight on directions of future development of a multilingual system to support semantic annotation of regulations not only in different domains, but also written in different languages.
Title: Information Stream Based Model for Organizing Security
Author(s): Bernhard Thalheim, Sabah Al-Fedaghi, Khaled Al-Saqabi
Abstract: One of the important aspects of security organization is to establish a framework to identify security significant points where policies and procedures are declared. The (information) security infrastructure comprises entities, processes, and technology. All are participants in handling information, which is the item that needs to be protected. Our approach is to identify information stream as the principle focus of security consideration. It is based on recognizing points of transformation in the flow of information as the pivots around which security organization is built. The information stream model is a general coherent blueprint of security organization without getting into the details of certain technology, policies, or practices.
Title: Analysis of Security Requirements for Cryptographic Voting Protocols
Author(s): Orhan Cetinkaya
Abstract: Electronic voting refers to the use of computers or computerized voting equipment to cast ballots in an election and it is not an easy task due to the need of achieving electronic voting security requirements. The cryptographic voting protocols use advanced cryptography to make electronic voting secure and applicable. In this paper, formal definitions of security requirements for cryptographic voting protocols (privacy, eligibility, uniqueness, fairness, uncoercibility, receipt-freeness, accuracy, and individual verifiability) are provided and elaborate checklists for each requirement are presented. The voting problem is clearly stated in terms of security requirements as well. It is described between receipt-freeness and individual verifiability and then an applicable solution is suggested by introducing Predefined Fake Vote (PreFote) scheme.