Title: Security requirement patterns for Future Internet applications, and improved modelling of the scenarios
Other Titles: Deliverable D6.4
Authors: Paci, Federica
Tran, Le Minh Sang
Becker, Kristian
Moyano, Francisco
Fernandez Gago, Carmen
Scandariato, Riccardo
Yskout, Koen
Editors: Paci, Federica
Tran, Le Minh Sang
Contributors: Cuellar, Jorge
Busch, Marianne
Petrocchi, Marinella
Issue Date: 31-Oct-2013
Abstract: Future Internet (FI) applications are the result of composing services and data from different parties. The development of such kind of applications often involves multiple stakeholders, whose requirements might partially conflict with others’. This raises the need of new techniques to identify all stakeholders and their high-level requirements, as well as potential conflicts. Moreover, since these parties do not necessarily fully trust each other, it is also important to identify potential threats within FI applications. In this deliverable we present a framework including the modelling and analyses which support the requirements engineers: (1) in the elicitation of stakeholders and their requirements, (2) in the iden- tification of potential conflicts among their requirements, and (3) in the identification of potential risks associated with stakeholders’ assets.

The framework employs and extends the Si* modelling language and UML profile with trust and reputa- tion constructs. These modelling languages are used as basis to produce a catalogue of patterns that provides support to the security requirements engineers in identifying possible conflicts and threats. We also present a systematic methodology to apply these patterns to elicit and analyse security re- quirements for FI applications.

We further address the system sustainability by taking into account the evolutionary aspect of the development process. We use change scenarios to express the co-evolution of requirements and architectures. We model these scenarios by using the extended version of the Si* modelling language. By prioritizing change scenario instances, software architects can be able to select a suitable solution (i.e., an implementation choice) that will enable the co-evolution happens while limiting the impact on the system.
Publication status: published
KU Leuven publication type: ER
Appears in Collections:Informatics Section

Files in This Item:
File Description Status SizeFormat
NESSoS-D6.4.pdf Published 3143KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.