Abstract
Selecting security mechanisms for complex software systems is a cumbersome process. The presence of multiple goals and architectural components, as well as cost and performance considerations, render decision-making a crucial but complicated aspect of a system’s design. In our work, we extend Secure Tropos, a security requirements engineering methodology, by introducing the concept of Risk in order to facilitate the elicitation and analysis of security requirements and also support a systematic risk assessment process during the system’s design time. Next, we use Constrained Goal Models to reason about optimal security mechanism combinations with respect to multiple objectives of the system-to-be, taking into account conflicting functional and non-functional goals. This type of reasoning allows combining linear multi-objective optimisation with logical constraints introduced by the system’s stakeholders. Finally, we illustrate the application of approach through a real-world case study from the e-government sector.
| Original language | English |
|---|---|
| Title of host publication | Computer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers |
| Publisher | Springer-Verlag |
| Pages | 262-280 |
| Number of pages | 19 |
| ISBN (Electronic) | 9783319728179 |
| ISBN (Print) | 9783319728162 |
| DOIs | |
| Publication status | Published - 22 Dec 2017 |
| Event | 3rd Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2017, 1st International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, Both workshops were co-located with 22nd European Symposium on Research in Computer Security, ESORICS 2017 - Oslo, Norway Duration: 14 Sep 2017 → 15 Sep 2017 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 10683 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Workshop
| Workshop | 3rd Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2017, 1st International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, Both workshops were co-located with 22nd European Symposium on Research in Computer Security, ESORICS 2017 |
|---|---|
| Country | Norway |
| City | Oslo |
| Period | 14/09/17 → 15/09/17 |
Fingerprint
Keywords
- Constraint goal models
- Decision making
- Information security
- Security requirements
Cite this
}
Decision-making in security requirements engineering with constrained goal models. / Argyropoulos, Nikolaos; Angelopoulos, Konstantinos; Mouratidis, Haralambos; Fish, Andrew.
Computer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers. Springer-Verlag, 2017. p. 262-280 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10683 LNCS).Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › Research › peer-review
TY - GEN
T1 - Decision-making in security requirements engineering with constrained goal models
AU - Argyropoulos, Nikolaos
AU - Angelopoulos, Konstantinos
AU - Mouratidis, Haralambos
AU - Fish, Andrew
PY - 2017/12/22
Y1 - 2017/12/22
N2 - Selecting security mechanisms for complex software systems is a cumbersome process. The presence of multiple goals and architectural components, as well as cost and performance considerations, render decision-making a crucial but complicated aspect of a system’s design. In our work, we extend Secure Tropos, a security requirements engineering methodology, by introducing the concept of Risk in order to facilitate the elicitation and analysis of security requirements and also support a systematic risk assessment process during the system’s design time. Next, we use Constrained Goal Models to reason about optimal security mechanism combinations with respect to multiple objectives of the system-to-be, taking into account conflicting functional and non-functional goals. This type of reasoning allows combining linear multi-objective optimisation with logical constraints introduced by the system’s stakeholders. Finally, we illustrate the application of approach through a real-world case study from the e-government sector.
AB - Selecting security mechanisms for complex software systems is a cumbersome process. The presence of multiple goals and architectural components, as well as cost and performance considerations, render decision-making a crucial but complicated aspect of a system’s design. In our work, we extend Secure Tropos, a security requirements engineering methodology, by introducing the concept of Risk in order to facilitate the elicitation and analysis of security requirements and also support a systematic risk assessment process during the system’s design time. Next, we use Constrained Goal Models to reason about optimal security mechanism combinations with respect to multiple objectives of the system-to-be, taking into account conflicting functional and non-functional goals. This type of reasoning allows combining linear multi-objective optimisation with logical constraints introduced by the system’s stakeholders. Finally, we illustrate the application of approach through a real-world case study from the e-government sector.
KW - Constraint goal models
KW - Decision making
KW - Information security
KW - Security requirements
UR - http://www.scopus.com/inward/record.url?scp=85041501444&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-72817-9_17
DO - 10.1007/978-3-319-72817-9_17
M3 - Conference contribution with ISSN or ISBN
SN - 9783319728162
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 262
EP - 280
BT - Computer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers
PB - Springer-Verlag
ER -