TY - GEN
T1 - A framework for specifying and managing security requirements in collaborative systems
AU - Yau, Sik-Sang
AU - Chen, Zhaoji
PY - 2006
Y1 - 2006
N2 - Although security has been recognized as an increasingly important and critical issue for software system development, most security requirements are poorly specified: ambiguous, misleading, inconsistent among various parts, and lacking sufficient details. In this paper, a framework for specifying unambiguous, interoperable security requirements and detecting conflict and undesirable emergent properties in collaborative systems is presented. The framework includes a core ontology representing hierarchical security requirements, an ontology-based security requirement specification process, a set of security requirement refining rules, an algorithm for automatic security requirement refinement and an analysis algorithm to detect inconsistent security requirements. In this paper, the specification and refinement of security requirements are emphasized.
AB - Although security has been recognized as an increasingly important and critical issue for software system development, most security requirements are poorly specified: ambiguous, misleading, inconsistent among various parts, and lacking sufficient details. In this paper, a framework for specifying unambiguous, interoperable security requirements and detecting conflict and undesirable emergent properties in collaborative systems is presented. The framework includes a core ontology representing hierarchical security requirements, an ontology-based security requirement specification process, a set of security requirement refining rules, an algorithm for automatic security requirement refinement and an analysis algorithm to detect inconsistent security requirements. In this paper, the specification and refinement of security requirements are emphasized.
KW - Collaborative systems
KW - Framework
KW - Hierarchical security requirements
KW - Ontology
KW - Requirement refinement algorithms
KW - Security specification
KW - Software security
UR - http://www.scopus.com/inward/record.url?scp=33750052567&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33750052567&partnerID=8YFLogxK
U2 - 10.1007/11839569_49
DO - 10.1007/11839569_49
M3 - Conference contribution
AN - SCOPUS:33750052567
SN - 354038619X
SN - 9783540386193
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 500
EP - 510
BT - Autonomic and Trusted Computing - Third International Conference, ATC 2006, Proceedings
PB - Springer Verlag
T2 - Third International Conference on Autonomic and Trusted Computing, ATC 2006
Y2 - 3 September 2006 through 6 September 2006
ER -