A framework for specifying and managing security requirements in collaborative systems

Sik-Sang Yau, Zhaoji Chen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

Although security has been recognized as an increasingly important and critical issue for software system development, most security requirements are poorly specified: ambiguous, misleading, inconsistent among various parts, and lacking sufficient details. In this paper, a framework for specifying unambiguous, interoperable security requirements and detecting conflict and undesirable emergent properties in collaborative systems is presented. The framework includes a core ontology representing hierarchical security requirements, an ontology-based security requirement specification process, a set of security requirement refining rules, an algorithm for automatic security requirement refinement and an analysis algorithm to detect inconsistent security requirements. In this paper, the specification and refinement of security requirements are emphasized.

Original language: English (US)
Title of host publication: Autonomic and Trusted Computing - Third International Conference, ATC 2006, Proceedings
Publisher: Springer Verlag
Pages: 500-510
Number of pages: 11
ISBN (Print): 354038619X, 9783540386193
State: Published - Jan 1 2006
Event: Third International Conference on Autonomic and Trusted Computing, ATC 2006 - Wuhan, China
Duration: Sep 3 2006 to Sep 6 2006

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 4158 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: Third International Conference on Autonomic and Trusted Computing, ATC 2006
Country: China
City: Wuhan
Period: 9/3/06 to 9/6/06

Keywords

  • Collaborative systems
  • Framework
  • Hierarchical security requirements
  • Ontology
  • Requirement refinement algorithms
  • Security specification
  • Software security

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Yau, S-S., & Chen, Z. (2006). A framework for specifying and managing security requirements in collaborative systems. In Autonomic and Trusted Computing - Third International Conference, ATC 2006, Proceedings (pp. 500-510). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4158 LNCS). Springer Verlag.