Mouratidis, Haralambos; Jurjens, Jan; Fox, Jorge (2006)
Publisher: LNCS 4001 pp
Languages: English
Types: Part of book or chapter of book
Security involves technical as well as social challenges. In the development of security-critical applications, system developers must consider both the technical and the social parts. To achieve this, security issues must be considered during the whole development life-cycle of an information system. This paper presents an approach that allows developers to consider both the social and the technical dimensions of security through a structured and well-defined process. In particular, the proposed approach takes the high-level concepts and modelling activities of the secure Tropos methodology and enriches them with a low-level security-engineering ontology and models derived from the UMLsec approach. A real case study from the e-commerce sector is employed to demonstrate the applicability of the approach.