Requirements engineering for trust management: model, methodology, and reasoning

International Journal of Information Security

Abstract

A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to an IT system level, and mapping these into security and trust management policies is still an open problem. This paper proposes a set of concepts founded on the notions of ownership, permission, and trust and intended for requirements modeling. It also extends Tropos, an agent-oriented software engineering methodology, to support security requirements engineering. These concepts are formalized and are shown to support the automatic verification of security and trust requirements using Datalog. To make the discussion more concrete, we illustrate the proposal with a Health Care case study.

References

  1. Abiteboul S., Hull R., Vianu V. (1995) Foundations of databases. Addison-Wesley, Reading

  2. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y. Hippocratic databases. In: Proceedings of VLDB’02, pp. 143–154. Morgan Kaufmann (2002)

  3. Anderson, R. A security policy model for clinical information systems. In: Proceedings of Symposium on Security and Privacy, pp. 30–43. IEEE Press (1996)

  4. Antón AI., Earp JB. (2004) A requirements taxonomy for reducing Web site privacy vulnerabilities. Requirements Eng. J. 9(3): 169–185

  5. Axelrod R. The evolution of cooperation. Basic Books, London (1984)

  6. Barnes LB. (1981) Managing the paradox of organizational trust. Harvard Bus. Rev. 59(2): 107–116

  7. Basin D., Doser J., Lodderstedt T. (2006) Model driven security: from UML models to access control infrastructures. TOSEM 15(1): 39–91

  8. Blaze M., Feigenbaum J., Ioannidis J., Keromytis A.D. (1999) The role of trust management in distributed systems security. Secure Internet Programming 1603, 185–210

  9. Blomqvist, K., Ståhle, P. Building organizational trust. In: Proceedings of 16th Annual IMP Conf. (2000)

  10. Bresciani P., Giorgini P., Giunchiglia F., Mylopoulos J., Perini A. (2004) TROPOS: An agent-oriented software development methodology. JAAMAS 8(3): 203–236

  11. Castelfranchi, C., Falcone, R. Principles of trust for MAS: Cognitive anatomy, social importance and quantification. In: Proceedings of ICMAS’98, pp. 72–79. IEEE Press (1998)

  12. Chu Y.H., Feigenbaum J., LaMacchia B., Resnick P., Strauss M. (1997) REFEREE: Trust management for web applications. Computer Networks and ISDN Systems 29(8–13): 953–964

  13. Chung, L., Nixon, B. Dealing with non-functional requirements: three experimental studies of a process-oriented approach. In: Proceedings of ICSE’95, pp. 25–37. ACM Press (1995)

  14. Damianou, N. A policy framework for management of distributed systems. Ph.D. Thesis, University of London (2002)

  15. Devanbu, P.T., Stubblebine, S.G. Software engineering for security: a roadmap. In: Proceedings of ICSE’00 - Future of Software Engineering Track, pp. 227–239 (2000)

  16. Ebert, C. Requirements BEFORE the requirements: understanding the upstream impacts. In: Proceedings of RE’05, pp. 117–124. IEEE Press (2005)

  17. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T. Simple public key certificates. Internet Draft (work in progress) (1999)

  18. Giorgini, P., Massacci, F., Mylopoulos, J. Requirement engineering meets security: a case study on modelling secure electronic transactions by VISA and Mastercard. In: Proceedings of ER’03, LNCS 2813, pp. 263–276. Springer, Berlin Heidelberg New York (2003)

  19. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N. Filling the gap between requirements engineering and public key/trust management infrastructures. In: Proceedings of EuroPKI’04, LNCS 3093, pp. 98–111. Springer, Berlin Heidelberg New York (2004)

  20. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N. Requirements engineering meets trust management: model, methodology, and reasoning. In: Proceedings of iTrust’04, LNCS 2995, pp. 176–190. Springer, Berlin Heidelberg New York (2004)

  21. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N. Modeling security requirements through ownership, permission and delegation. In: Proceedings of RE’05, pp. 167–176. IEEE Press (2005)

  22. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N. Modelling social and individual trust in requirements engineering methodologies. In: Proceedings of iTrust’05, LNCS 3477, pp. 161–176. Springer, Berlin Heidelberg New York (2005)

  23. Jim, T. SD3: a trust management system with certified evaluation. In: Proceedings of Symposium on Security and Privacy, pp. 106–115. IEEE Press (2001)

  24. Jürjens, J. Secure Systems Development with UML. Springer (2004)

  25. Leone, N., Pfeifer, G., Faber, W., Eiter, T., Gottlob, G., Perri, S., Scarcello, F. The DLV System for knowledge representation and reasoning. TOCL (2005)

  26. Li N., Grosof B.N., Feigenbaum J. (2003) Delegation logic: a logic-based approach to distributed authorization. TISSEC 6(1): 128–171

  27. Li, N., Mitchell, J.C., Winsborough, W.H. Design a role-based trust-management framework. In: Proceedings of Symposium on Security and Privacy, pp. 114–130. IEEE Press (2002)

  28. Liu, L., Yu, E.S.K., Mylopoulos, J. Security and Privacy Requirements Analysis within a Social Setting. In: Proceedings of RE’03, pp. 151–161. IEEE Press (2003)

  29. Massacci, F., Mylopoulos, J., Zannone, N. From hippocratic databases to secure tropos: a computer-aided re-engineering approach. IJSEKE (2006). (in press).

  30. Massacci, F., Penserini, L. (eds.) In: Proceedings of Symposium on Requirements Engineering for Information Security (2005)

  31. Massacci F., Prest M., Zannone N. (2005) Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation. Comp. Stand. Inter. 27(5): 445–455

  32. Massacci, F., Zannone, N. Detecting conflicts between functional and security requirements with secure tropos: John Rusnak and the Allied Irish Bank. Tech. Rep. DIT-06-002, University of Trento (2006)

  33. McDermott, J., Fox, C. Using abuse case models for security requirements analysis. In: Proceedings of ACSAC’99, pp. 55–66. IEEE Press (1999)

  34. McKnight, D.H., Chervany, N.L. The meanings of trust. Tech. Rep. 96-04, MIS Research Center (1996)

  35. Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E. (1996) Role-based access control models. IEEE Comp. 29(2): 38–47

  36. Sindre G., Opdahl A.L. (2005) Eliciting security requirements with misuse cases. Requirements Eng. J. 10(1): 34–44

  37. Sommerville I. (2001) Software engineering. Addison-Wesley, Reading

  38. Toval, A., Olmos, A., Piattini, M. Legal requirements reuse: a critical success factor for requirements quality and personal data protection. In: Proceedings of RE’02, pp. 95–103. IEEE Press (2002)

  39. Tryfonas T., Kiountouzis E., Poulymenakou A. (2001) Embedding security practices in contemporary information systems development approaches. Inform. Manage. Comp. Sec. 9, 183–197

  40. van Lamsweerde, A., Brohez, S., De Landtsheer, R., Janssens, D. From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering. In: Proceedings of RHAS’03, pp. 49–56 (2003)

  41. Yu, E., Cysneiros, L. Designing for privacy and other competing requirements. In: Proceedings of SREIS’02 (2002)

  42. Yu, E.S.K. Modelling strategic relationships for process reengineering. Ph.D. thesis, University of Toronto (1996)

Author information

Corresponding author

Correspondence to Nicola Zannone.

Additional information

This work is an expanded and revised version of [19,20].

About this article

Cite this article

Giorgini, P., Massacci, F., Mylopoulos, J. et al. Requirements engineering for trust management: model, methodology, and reasoning. Int. J. Inf. Secur. 5, 257–274 (2006). https://doi.org/10.1007/s10207-006-0005-7

  • DOI: https://doi.org/10.1007/s10207-006-0005-7
