Abstract
Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but need to be able to justify their security investment plans. Currently companies achieve this by means of checklist-based security assessments, but these methods are a way to achieve consensus without being able to provide justifications of countermeasures in terms of business goals. But such justifications are needed to operate securely and effectively in networked businesses. In this paper, we first compare a Risk-Based Requirements Prioritization method (RiskREP) with some requirements engineering and risk assessment methods based on their requirements elicitation and prioritization properties. RiskREP extends misuse case-based requirements engineering methods with IT architecture-based risk assessment and countermeasure definition and prioritization. Then, we present how RiskREP prioritizes countermeasures by linking business goals to countermeasure specification. Prioritizing countermeasures based on business goals is especially important to provide the stakeholders with structured arguments for choosing a set of countermeasures to implement. We illustrate RiskREP and how it prioritizes the countermeasures it elicits by an application to an action case.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Asnar, Y., Giorgini, P., Mylopoulos, J.: Goal-driven Risk Assessment in Requirements Engineering. Requirement Engineering Journal, 1–16 (2010)
Braber, F., Hogganvik, I., Lund, M., Stølen, K., Vraalsen, F.: Model-based Security Analysis in Seven Steps — a Guided Tour to the CORAS Method. BT Technology Journal 25(1), 101–117 (2007)
I.S.O. I.E. Commission. ISO/IEC 9126, Information Technology - Software Product Evaluation - Quality Characteristics and Guidelines for Their Use (1991), http://www.iso.org
Dubois, E., Heymans, P., Mayer, N., Matulevicius, R.: A Systematic Approach to Define the Domain of Information System Security Risk Management. In: Nurcan, S., et al. (eds.) Intentional Perspectives on Information Systems Engineering, pp. 289–306. Springer, Heidelberg (2010)
Elahi, G., Yu, E.: Modeling and Analysis of Security Trade-offs - A Goal Oriented Approach. Data Knowledge Engineering 68, 579–598 (2009)
Elahi, G., Yu, E., Zannone, N.: A Vulnerability-centric Requirements Engineering Framework: Analyzing Security Attacks, Countermeasures, and Requirements Based on Vulnerabilities. Requir. Eng. 15(1), 41–62 (2010)
Herrmann, A., Paech, B.: MOQARE: Misuse-oriented Quality Requirements Engineering. Requir. Eng. 13(1), 73–86 (2008)
Herrmann, A., Morali, A.: RiskREP: Risk-Based Security Requirements Elicitation and Prioritization (extended version). Technical Report TR-CTIT-10-28, Centre for Telematics and Information Technology. University of Twente, Enschede (2010) ISSN 1381-3625, http://eprints.eemcs.utwente.nl/18342/
Islam, S., Houmb, S.: Integrating Risk Management Activities into Requirements Engineering. In: Proc. of the 4th Int. Conf. on Research Challenges in Information Science. IEEE Computer Society (2010)
Karpati, P., Sindre, G., Opdahl, A.L.: Visualizing Cyber Attacks with Misuse Case Maps. In: Wieringa, R., Persson, A. (eds.) REFSQ 2010. LNCS, vol. 6182, pp. 262–275. Springer, Heidelberg (2010)
Kazman, R., Klein, M., Clements, P., Compton, N.: Atam: Method for Architecture Evaluation. Technical Report CMU/SEI-2000-TR-004, CMU (2000)
Mayer, N., Dubois, E., Rifaut, A.: Requirements Engineering for Improving Business/IT Alignment in Security Risk Management Methods. In: Proc. of the 3rd Int. Conf. Interoperability for Enterprise Software and Applications, I-ESA, p. 12 (2007)
Moore, A.P., Ellison, R.J., Linger, R.C.: Attack Modeling for Information Security and Survivability. Technical Report CMU/SEI-2001-TN-001, CMU (2001)
Morali, A.: IT Architecture-Based Confidentiality Risk Assessment in Networks of Organizations. PhD thesis, University of Twente, Enschede, The Netherlands (2011)
Mylopoulos, J., Chung, L., Liao, S., Wang, H., Yu, E.: Exploring Alternatives during Requirements Analysis. IEEE Software 18, 92–96 (2001)
Phillips, C., Swiler, L.: A Graph-based System for Network-Vulnerability Analysis. In: Proc. of the 1998 Workshop on New Security Paradigms, pp. 71–79. ACM (1998)
Sindre, G., Opdahl, A.: Eliciting Security Requirements with Misuse Cases. Requir. Eng. 10(1), 34–44 (2005)
Stamatis, D.: Failure Mode and Effect Analysis FMEA from Theory to Execution. American Society for Quality Press (2003)
van Lamsweerde, A., Brohez, S., Landtsheer, R.D., Janssens, D.: From System Goals to Intruder Anti-goals: Attack Generation and Resolution for Security Requirements Engineering. In: Proc. of RHAS Workshop, Essener Informatik Beitraege, vol. Bd 6, pp. 49–56 (2003)
Zambon E.: Towards Optimal IT Availability Planning: Methods and Tools. PhD thesis, University of Twente, Enschede, The Netherlands (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Herrmann, A., Morali, A., Etalle, S., Wieringa, R. (2012). Risk and Business Goal Based Security Requirement and Countermeasure Prioritization. In: Niedrite, L., Strazdina, R., Wangler, B. (eds) Workshops on Business Informatics Research. BIR 2011. Lecture Notes in Business Information Processing, vol 106. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29231-6_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-29231-6_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29230-9
Online ISBN: 978-3-642-29231-6
eBook Packages: Computer ScienceComputer Science (R0)