A Social Ontology for Integrating Security and Software Engineering

A Social Ontology for Integrating Security and Software Engineering

E. Yu (University of Toronto, Canada), L. Liu (Tsinghua University, China) and J. Mylopoulous (University of Toronto, Canada)
DOI: 10.4018/978-1-59904-147-6.ch004
OnDemand PDF Download:
$37.50

Abstract

As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in security mecha-nisms and technologies, most software systems in the world remain precarious and vulnerable. There is now widespread recognition that security cannot be achieved by technology alone. All software systems are ultimately embedded in some human social environment. The effectiveness of the system depends very much on the forces in that environment. Yet there are few systematic techniques for treating the social context of security together with technical system design in an integral way. In this chapter, we argue that a social ontology at the core of a requirements engineering process can be the basis for integrating security into a requirements driven software engineering process. We describe the i* agent-oriented modelling framework and show how it can be used to model and reason about security concerns and responses. A smart card example is used to illustrate. Future directions for a social paradigm for security and software engineering are discussed.

Complete Chapter List

Search this Book:
Reset
Table of Contents
Foreword
Bashar Nuseibeh
Preface
Paolo Giorgini, Haralambos Mouratidis
Chapter 1
H. Mouratidis, P. Giorgini
This chapter serves as an introduction to this book. It introduces software engineer-ing, security engineering, and secure software engineering... Sample PDF
Integrating Security and Software Engineering: An Introduction
$37.50
Chapter 2
C. B. Haley, R. Laney, J. D. Moffett, B. Nuseibeh
This chapter presents a process for security requirements elicitation and analysis, based around the construction of a satisfaction argument for the... Sample PDF
Arguing Satisfaction of Security Requirements
$37.50
Chapter 3
N. R. Mead
In this chapter, we describe general issues in developing security requirements, meth-ods that have been useful, and a method (SQUARE) that can be... Sample PDF
Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method
$37.50
Chapter 4
E. Yu, L. Liu, J. Mylopoulous
As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in... Sample PDF
A Social Ontology for Integrating Security and Software Engineering
$37.50
Chapter 5
E. B. Fernandez, M. M. Larrondo-Petrie, T. Sorgente, M. Vanhilst
We are developing a methodology to build secure software for complex applications and its related support. This methodology considers the whole... Sample PDF
A Methodology to Develop Secure Systems Using Patterns
$37.50
Chapter 6
M. Weiss
While many theoretical approaches to security engineering exist, they are often limited to systems of a certain complexity, and require security... Sample PDF
Modelling Security Patterns Using NFR Analysis
$37.50
Chapter 7
M. Siponen, R. Baskerville, R. Kuivalainen
Software developers can use agile software development methods to build secure information systems. Current agile methods have few (if any) explicit... Sample PDF
Extending Security in Agile Software Development Methods
$37.50
Chapter 8
P. Giorgini, H. Mouratidis, N. Zannone
Although the concepts of security and trust play an important issue in the development of information systems, they have been mainly neglected by... Sample PDF
Modelling Security and Trust with Secure Tropos
$37.50
Chapter 9
S. H. Houmb, G. Georg, J. Jurjens, R. France
This chapter describes the integrated security veri?cation and security solution design trade-off analysis (SVDT) approach. SVDT is useful when... Sample PDF
An Integrated Security Verification and Security Solution Design Trade-Off Analysis Approach
$37.50
Chapter 10
M. Koch, F. Parisi-Presicce, K. Pauls
Security requirements have become an integral part of most modern software systems. In order to produce secure systems, it is necessary to provide... Sample PDF
Access Control Specification in UML
$37.50
Chapter 11
A. Mana, C. Rudolph, G. Spanoudakis, V. Lotz, F. Massacci, M. Melideo, J. S. Lopez-Cobo
The scenarios of Ambient Intelligence introduce a new computing paradigm and set new challenges for the design and engineering of secure and... Sample PDF
Security Engineering for Ambient Intelligence: A Manifesto
$37.50
Chapter 12
H. Mouratidis, P. Giorgini
The previous chapters of this book have presented promising approaches in the secure software engineering ?eld. However, the ?eld is still in its... Sample PDF
Integrating Security and Software Engineering: Future Vision and Challenges
$37.50
About the Authors