Abstract
Security is a major target for today’s information systems (IS) designers. Security modelling languages exist to reason on security in the early phases of IS development, when the most crucial design decisions are made. Reasoning on security involves analysing risk, and effectively communicating risk-related information. However, we think that current languages can be improved in this respect. In this paper, we discuss this issue for Secure Tropos, the language supporting the eponymous agent-based IS development. We analyse it and suggest improvements in the light of an existing reference model for IS security risk management. This allows for checking Secure Tropos concepts and terminology against those of current risk management standards, thereby improving the conceptual appropriateness of the language. The paper follows a running example, called eSAP, located in the healthcare domain.
Chapter PDF
References
Basel Committee on Banking Supervision: International Convergence of Capital Measurement and Capital Standards. Bank for International Settlements (2004)
United States Senate and House of Representatives in Congress: Sarbanes-Oxley Act of 2002. Public Law 107-204 (116 Statute 745) (2002)
Mayer, N., Heymans, P., Matulevičius, R.: Design of a Modelling Language for Information System Security Risk Management. In: Proceedings of the 1st International Conference on Research Challenges in Information Science (RCIS 2007), pp. 121–131 (2007)
Mouratidis, H., Giorgini, P.: Secure Tropos: A Security-oriented Extension of the Tropos Methodology. International Journal of Software Engineering and Knowledge Engineering (IJSEKE) 17(2), 285–309 (2007)
DCSSL: EBIOS–Expression of Needs and Identification of Security Objectives (2004)
ENISA: Inventory of Risk Assessment and Risk Management Methods (2004)
ISO: Information Technology–Security Techniques–Information Security Management Systems–Requirements, International Organisation for Standardisation (2005)
Mouratidis, H., Giorgini, P., Manson, G.: Using Tropos Methodology to an Model Integrated Health Assessment System. In: Proceedings of the Fourth International Bi-Conference on Agent-oriented Information Systems (AOIS 2002) (2002)
Matulevičius, R., Mayer, N., Heymans, P.: Alignment of Misuse Cases with Security Risk Management. In: Proceedings of the ARES 2008 Symposium on Requirements Engineering for Information Security (SREIS 2008), pp. 1397–1404. IEEE Computer Society, Los Alamitos (2008)
Asnar, Y., Giorgini, P.: Modelling Risk and Identifying Cuntermeasure in Organizations. In: Proceedings of the 1st Interational Workshop on Critical Information Intrastructures Security, pp. 55–66. Springer, Heidelberg (2006)
Lin, L., Nuseibeh, B., Ince, D., Jackson, M.: Using Abuse Frames to Bound the Scope of Security Problems. In: Proceedings of the 12th IEEE international Conference on Requirements Engineering (RE 2004), pp. 354–355. IEEE Computer Society, Los Alamitos (2004)
McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC 1999), p. 55 (1999)
Sindre, G., Opdahl, A.L.: Eliciting Security Requirements with Misuse Cases. Requirements Engineering Journal 10(1), 34–44 (2005)
Sindre, G.: Mal-activity Diagrams for Capturing Attacks on Business Processes. In: Sawyer, P., Paech, B., Heymans, P. (eds.) REFSQ 2007. LNCS, vol. 4542, pp. 355–366. Springer, Heidelberg (2007)
Lodderstedt, T., Basin, D.A., Doser, J.: SecureUML: A UML-based Modeling Language for Model-driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)
Jurjens, J.: UMLsec: Extending UML for Secure Systems Development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002)
Elahi, G., Yu, E.: A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs. In: Parent, C., Schewe, K.-D., Storey, V.C., Thalheim, B. (eds.) ER 2007. LNCS, vol. 4801, pp. 87–101. Springer, Heidelberg (2007)
van Lamsweerde, A.: Elaborating Security Requirements by Construction of Intentional Anti-models. In: Proceedings of the 26th International Conference on Software Engineering (ICSE 2004), pp. 148–157. IEEE Computer Society, Los Alamitos (2004)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling Security Requirements Through Ownership, Permision and Delegation. In: Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE 2005). IEEE Computer Society, Los Alamitos (2005)
Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modelling social and individual trust in requirements engineering methodologies. In: Proceedings of the 3nd International Conference on Trust Management. LNCS, pp. 161–176. Springer, Heidelberg (2005)
Mouratidis, H., Jurjens, J., Fox, J.: Towards a Comprehensive Framework for Secure Systems Development. In: Dubois, E., Pohl, K. (eds.) CAiSE 2006. LNCS, vol. 4001, pp. 48–62. Springer, Heidelberg (2006)
Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J., Perini, A.: TROPOS: an Agent-oriented Software Development Methodology. Journal of Autonomous Agents and Multi-Agent Systems 8, 203–236 (2004)
Castro, J., Kolp, M., Mylopoulos, J.: Towards Requirements-Driven Information Systems Engineering: The TROPOS Project. Information Systems 27, 365–389 (2002)
Mouratidis, H., Giorgini, P., Manson, G.A.: When Security Meets Software Engineering: a Case of Modelling Secure Information Systems. Information Systems 30(8), 609–629 (2005)
Mouratidis, H., Giorgini, P., Manson, G.: Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems. In: Eder, J., Missikoff, M. (eds.) CAiSE 2003. LNCS, vol. 2681, pp. 63–78. Springer, Heidelberg (2003)
Genon, N.: Modelling Security during Early Requirements: Contributions to and Usage of a Domain Model for Information System Security Risk Management. Master thesis, University of Namur (2007)
Mouratidis, H., Philp, I., Manson, G.: A Novel Agent-Based System to Support the Single Assessment Process of Older People. Journal of Health Informatics 9(3), 149–162 (2003)
Mouratidis, H.: A Security Oriented Approach in the Development of Multiagent Systems: Applied to the Management of the Health and Social Care Needs of Older People in England. PhD thesis, Department of Computer Science, University of Sheffield, UK (2004)
van Lamsweerde, A., Letier, E.: Handling Obstacles in Goal-oriented Requirements Engineering. Transactions on Software Engineering 26(10), 978–1005 (2000)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matulevičius, R., Mayer, N., Mouratidis, H., Dubois, E., Heymans, P., Genon, N. (2008). Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development. In: Bellahsène, Z., Léonard, M. (eds) Advanced Information Systems Engineering. CAiSE 2008. Lecture Notes in Computer Science, vol 5074. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69534-9_40
Download citation
DOI: https://doi.org/10.1007/978-3-540-69534-9_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69533-2
Online ISBN: 978-3-540-69534-9
eBook Packages: Computer ScienceComputer Science (R0)