modeling security requirements through ownership
play

Modeling Security Requirements Through Ownership, Permission and - PowerPoint PPT Presentation

Oct 22, 2023 •278 likes •998 views

Universit degli Studi di Trento Modeling Security Requirements Through Ownership, Permission and Delegation A comedy in 10 acts plus an epilogue starring F.Massacci Also starring P. Giorgini J. Mylopoulos N. Zannone www.troposproject.org

  1. Università degli Studi di Trento Modeling Security Requirements Through Ownership, Permission and Delegation A comedy in 10 acts plus an epilogue starring F.Massacci Also starring P. Giorgini J. Mylopoulos N. Zannone www.troposproject.org

  2. Università degli Studi di Trento What’s on Stage • Know thy speaker • The piece – Act 1 - The landascape out there – Act 2 - The father – Act 3 - An honest day’s work – Act 4 -The tale of two brothers – Act 5 - Shadows at dusk – Act 6 - Enter our hero – Act 7 - Going into the battlefield – Act 8 - Dr. Trust and mr. Mistrust – Act 9 - The step-sister – Act 10 - Looking into the future • Epilogue - Brave new world

  3. Università degli Studi di Trento Know Thy Speaker • Fabio Massacci Academic Biography – 1994 - 1998 - PhD at University of Rome I (Automated Reasoning with Applications to Security) – 1999 – 2001 Assistant Professor in Siena – 2000 – Visiting Researcher at IRIT-CNRS Toulouse France – 2001 – now Associate (now Full) Professor at Univ. of Trento – Current research interest security engineering and formal verification of security properties • The Dark Side – 1991 – Volunteer in Refugee Camps in Croatia – 1994 – 1996 National Committee of Italian Campaign for Tax Objection to Military Expences – 1993 – 1997 European Treasurer of International Non Governamental Organization (a past time with 20+ national member branches) – 2002 - Deputy Rector for ICT Procurement (another past time at 4M€/year)

  4. Università degli Studi di Trento Act 1 – The Landscape Out There How a Large Enterprise Project Looks Like

  5. Università degli Studi di Trento A story… • Who? – Leading International Consultancy Company – Leading European ERP Provider – Local Software Integrator for e-Goverment - owned by the Local Goverment – Public Administration Human Resources Department – Public Administration IT Department • What? – Human Resource IT System

  6. Università degli Studi di Trento The plot • A 2+M€ project for the verticalized ERP system for management of human resources in the public administration to be done on an integrated ERP platform hosted in outsourcing • HR management in public administration is complex: – your time in employment may be longer than the period you have actually been employed because you can count the military service into that or the service into another public institution. – When you run for a open call for (higher up) post and you win, the day you change role you formally resign from the old job and are hired to the new job… • A Virtual Organization was set up to sell the result of the project to other public administrations • 2 years of modelling and design and the project go live – Local SW Integrator responsible for the actual verticalization of ERP and corrective maintenance and evolution – Old HR systems turned off by Administration IT department and new system is run in outsourcing to local integrator.

  7. Università degli Studi di Trento Software Engineering our story • Very Interesting Case Study • Complex Organizational Scenario – Complex relations between partners – Internal structures and departments • Complex Processes • Dependencies of Actors – Outsourcing of data processing • Security & Privacy – Authorization issues on promotion and demotion – Lots of privacy sensitive data

  8. Università degli Studi di Trento Act 2 – The Father What You Always Wanted to Know About AOSE and Didn’t Care to Ask...

  9. Università degli Studi di Trento What is Software? • Traditional view – An engineering artifact, designed, tested and deployed using engineering methods; rely heavily on testing and inspection for validation (Engineering perspective) – A mathematical abstraction, a theory, which can be analyzed for consistency and can be refined into a more specialized theory (Mathematical perspective) • More Recent Views – A non-human agent, with its own personality and behavior, defined by its past history and structural makeup (Cognitive Science perspective) – A social structure of software agents, who communicate, negotiate, collaborate and cooperate to fulfil their goals (Social perspective)

  10. Università degli Studi di Trento Agent-Oriented Software Engineering • Research on the topic generally comes in two flavours: – Extend UML to support agent communication, negotiation etc. (e.g., Bauer and Odell); – Extend current agent programming platforms (e.g., JACK) to support not just programming but also design activities (Jennings et al). • Here we use a methodology for building agent- oriented software which supports requirements analysis , as well as design .

  11. Università degli Studi di Trento What is an Agent? • A person, an organization, certain kinds of software. • An agent has beliefs , goals ( desires ), intentions . • Agents are situated, autonomous, flexible, and social. • But note: human/organizational agents can’t be prescribed , they can only be partially described. • Software agents, on the other hand, have to be completely specified during implementation. • Beliefs correspond to (object) state, intentions constitute a run-time concept. For design-time, the interesting new concept agents have that objects don’t have is... ...goals!

  12. Università degli Studi di Trento i* - Tropos Methodology • Agent-Oriented RE Methodology – Agents, Roles – Goals, Tasks, Resources – Dependency among agents (A depends on B on G, if A wants G to be done and B agrees to look after that) – Goal Decomposition (AND/OR, pos./neg. contribution) • Adequate for the case at hand – Easy to Understand by Users for Early RE – Good for Modelling Organizations – Formal Reasoning Tools Available – www.troposproject.org • But there might be your own favourite… 6/17

  13. Università degli Studi di Trento i* - Tropos Methodology (cont) • Four phases of software development: – Early requirements -- identifies stakeholders and their goals The organizational environment of a software system can be conceptualized as a set of business processes, actors and/or goals. – Late requirements -- introduce system as another actor which can accommodate some of these goals. – Architectural design -- more system actors are added and are assigned responsibilities; – Detailed design -- completes the specification of system actors.

  14. Università degli Studi di Trento Tropos vs The World JACK i i TROPOS TROPOS * * GAIA GAIA KAOS KAOS Z Z AUML AUML UML, Catalysis & Co. UML, Catalysis & Co. Nothing here!! Early Early Late Architectural Late Architectural Detailed Implementation Detailed Implementation requirements requirements requirements design requirements design design design

  15. Università degli Studi di Trento Why Worry About Human/Organizational Agents? • Because their goals lead to software requirements, and these influence the design of a software system. • Note the role of human/organizational agents in OOA, --> use cases. • Also note the role of agents in up-and-coming requirements engineering techniques such as KAOS [Dardenne93]. • In KAOS, requirements analysis begins with a set of goals; these are analysed/decomposed to simpler goals which eventually either lead to software requirements, or are delegated to external agents.

  16. Università degli Studi di Trento Act 3 – A Honest Day’s Work How the i*/Tropos Methodology for Requirements and Software Engineering works

  17. Università degli Studi di Trento Early Requirements: External Actors and their Goals A social setting consists of actors, each having goals (and/or softgoals ) to be Low cost fulfilled. scheduling Manager Participant Good meeting Schedule Productive Schedule meeting meetings meeting

  18. Università degli Studi di Trento Quality of Goal schedule Minimal effort Degree of Analysis participation Minimal conflicts Schedule Matching Collection meeting effort + - effort + - + - - + Collect timetables Choose schedule By person By Manually system Automatically By all means By Have Collect email updated them timetables

  19. Università degli Studi di Trento Actor Dependency Models Initiator ContributeToMtg UsefulMtg ScheduleMtg CalendarInfo Scheduler Participant AttendMtg SuitableTime Actor dependencies are intentional: One actor wants something, another is willing and potentially able to deliver.

  20. Università degli Studi di Trento Using These Concepts • During early requirements, these concepts are used to model external stakeholders (people, organizations, existing systems), their relevant goals and inter- dependencies. • During late requirements, the system-to-be enters the picture as one or a few actors participating in i* models. • During architectural design, the actors being modelled are all system actors. • During detailed design, we are not adding more actors and/or dependencies; instead, we focus on fully specifying all elements of the models we have developed.

  21. Università degli Studi di Trento Late Requirements with i* Initiator ContributeToMtg UsefulMtg ScheduleMtg System CalendarInfo Timetable Scheduler Participant manager Manage CalendarInfo AttendMtg MtgInfo Reporter SuitableTime

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Foreign Ownership, Control or Influence and Foreign Ownership, Control or Influence and Government

Foreign Ownership, Control or Influence and Foreign Ownership, Control or Influence and Government

Presenting a live 90 minute webinar with interactive Q&A Foreign Ownership, Control or Influence and Foreign Ownership, Control or Influence and Government Contractor Security Clearance Mitigating FOCI and Meeting Requirements for National

469 views • 17 slides
Foreign Ownership, Control or Influence and g p, Government Contractor Security Clearance

Foreign Ownership, Control or Influence and g p, Government Contractor Security Clearance

Presenting a live 90 minute webinar with interactive Q&A Foreign Ownership, Control or Influence and g p, Government Contractor Security Clearance Mitigating FOCI and Meeting Requirements for National Interest Determinations TUES DAY,

384 views • 20 slides
Requirements Analysis Modeling Requirements analysis modeling helps transition from elicitation

Requirements Analysis Modeling Requirements analysis modeling helps transition from elicitation

Requirements Analysis Modeling Requirements analysis modeling helps transition from elicitation to specification, from stakeholder to engineering view Analysis the detailed examination of something for explanation or interpretation R.

526 views • 17 slides
Supporting your success Livestock ownership - horses The ownership and identification

Supporting your success Livestock ownership - horses The ownership and identification

Supporting your success Livestock ownership - horses The ownership and identification requirements of horse owners in Western Australia Supporting your success Livestock ownership - horses Biosecurity and Agriculture Management

429 views • 19 slides
Software Requirements Requirements engineering Domain modeling Problem scoping /

Software Requirements Requirements engineering Domain modeling Problem scoping /

Outline Starting point Software Requirements Requirements engineering Domain modeling Problem scoping / decomposition Requirements types Eunjee Song Functional / Non-functional Computer Science Department FURPS+

178 views • 4 slides
1 Representations for requirements Unified Modeling Language UML (1997) Requirement

1 Representations for requirements Unified Modeling Language UML (1997) Requirement

Today CSE 403, Software Engineering Representation of requirements Lecture 4 Use of requirements Key parts of the discussion will (probably) be about process, not Documenting and Using artifacts Requirements Non-functional

358 views • 4 slides
1 Software Safety Specifying safety requirements Safety vs. Reliability Component

1 Software Safety Specifying safety requirements Safety vs. Reliability Component

User requirements CSE 403 Business Requirements Lecture 14 User User Use Cases Requirements Study Safety and Security Requirements Functional Requirements Requirements Documentation Non-functional Requirements Non-functionality

275 views • 3 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and

Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and

Data Generated by Connected and Autonomous Vehicles: Ownership, Exploitation, Security, and Privacy Daniel A. Crane Frederick Paul Furth, Sr. Professor of Law, University of Michigan Counsel: Paul, Weiss, Rifkind, Wharton & Garrison LLP

676 views • 29 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a

Security requirements Term Secuirty requirement A need or restriction from a user, a stakeholder or the environment related to the goal to improve the system security. Holistic security requirement engineering, Computers & Security

216 views • 17 slides
Outline 1 The topic 2 Decision support systems 3 Modeling 3.3 Advanced modeling

Outline 1 The topic 2 Decision support systems 3 Modeling 3.3 Advanced modeling

Outline 1 The topic 2 Decision support systems 3 Modeling 3.3 Advanced modeling Compositional modeling: requirements Conceptual modeling: Why? How? Qualitative modeling: Why? Limitations? Automated model composition Model-Based

564 views • 23 slides
Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a

UNCLASSIFIED Protective Security Requirements A Risk Based Approach UNCLASSIFIED What is the PSR? .a new framework of New Zealand Protective Security Requirements which provides clear guidance and support for State sector departments

353 views • 17 slides
Declassification Options and Requirements Information Security Webinar Marc Brandsness

Declassification Options and Requirements Information Security Webinar Marc Brandsness

6/20/2013 Declassification Options and Requirements Information Security Webinar Marc Brandsness Security Asset Protection Professional Certification (SAPPC) Retired US Air Force-Security Forces with over 25 years of Law Enforcement

307 views • 15 slides
BOE-502-A Law presumes a grant of title is a change in ownership Change in ownership =

BOE-502-A Law presumes a grant of title is a change in ownership Change in ownership =

BOE-502-A Law presumes a grant of title is a change in ownership Change in ownership = reassessment to current market value Presumption: Purchase price = market value PCOR provides information to Assessor: Change in Ownership

232 views • 21 slides
reqT.org Towards a Semi-Formal, Open and Scalable Requirements Modeling Tool Bjrn Regnell

reqT.org Towards a Semi-Formal, Open and Scalable Requirements Modeling Tool Bjrn Regnell

reqT.org Towards a Semi-Formal, Open and Scalable Requirements Modeling Tool Bjrn Regnell cs.lth.se/bjornregnell LundUniversity.lu.se Good enough Requirements? Quality Time 3 software engineering trends D ecentralize, D istribute, D

560 views • 17 slides
Review Gibbs sampling MH with proposal Q( X | X ) = P( X B(i) | X B(i) ) I( X

Review Gibbs sampling MH with proposal Q( X | X ) = P( X B(i) | X B(i) ) I( X

Review Gibbs sampling MH with proposal Q( X | X ) = P( X B(i) | X B(i) ) I( X B(i) = X B(i) ) / #B failure mode: lock-down Relational learning (properties of sets of entities) document clustering,

715 views • 35 slides
Analyzing Neural Language Models Introduction Shane Steinert-Threlkeld Jan 9, 2020 1 Todays

Analyzing Neural Language Models Introduction Shane Steinert-Threlkeld Jan 9, 2020 1 Todays

Analyzing Neural Language Models Introduction Shane Steinert-Threlkeld Jan 9, 2020 1 Todays Plan Motivation / background NLPs ImageNet moment NLPs Clever Hans moment 15 minute break Course information /

1.38k views • 110 slides
CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year

CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year

CROWD SOURCING C S 1 4 7 PROJECT TEAM Karna Sloane Marie Tina MBA-GSB, 2 nd CS, Senior Year CS, JuniorYear CS, JuniorYear Year NEEDFINDING METHODOLGY Speaker Speaker/ Audience Engagement Event Manage Audience ment STUDENT Skype

165 views • 14 slides
CBRE GROUP, INC. First Quarter 2013: Earnings Conference Call April 25, 2013 p FORWARD-LOOKING

CBRE GROUP, INC. First Quarter 2013: Earnings Conference Call April 25, 2013 p FORWARD-LOOKING

CBRE GROUP, INC. First Quarter 2013: Earnings Conference Call April 25, 2013 p FORWARD-LOOKING STATEMENTS This presentation contains statements that are forward looking within the meaning of the Private Securities Litigation Reform Act of

592 views • 22 slides
An Algorithm for the Multi-Relational Boolean Factor Analysis based on Essential Elements Martin

An Algorithm for the Multi-Relational Boolean Factor Analysis based on Essential Elements Martin

An Algorithm for the Multi-Relational Boolean Factor Analysis based on Essential Elements Martin Trnecka, Marketa Trneckova DEPARTMENT OF COMPUTER SCIENCE PALACK UNIVERSITY, OLOMOUC CLA: Concept Lattices and Their Applications Koice,

318 views • 17 slides
Language Notes Topic 8: Filler Words, Interjections, and Onomatopoeia 1 What word is the man

Language Notes Topic 8: Filler Words, Interjections, and Onomatopoeia 1 What word is the man

Language Notes Topic 8: Filler Words, Interjections, and Onomatopoeia 1 What word is the man saying or what sound is he making? 2 What word is the woman saying or what sound is she making? 3 What word is the man saying or what

451 views • 8 slides
A E Matthijs Westera Institute for Logic, Language and Computation University of Amsterdam

A E Matthijs Westera Institute for Logic, Language and Computation University of Amsterdam

Why semantics is the wastebasket A E Matthijs Westera Institute for Logic, Language and Computation University of Amsterdam Research Seminar in Logic and Language Tilburg, May 6th 2014 Outline Introduction Warming up: the implicature in

1.3k views • 110 slides
Monday 5th October LO: to be able to find answers in the text and make predictions Read the story

Monday 5th October LO: to be able to find answers in the text and make predictions Read the story

Monday 5th October LO: to be able to find answers in the text and make predictions Read the story carefully then answer the questions. Tuesday 6th October LO: to plan an opening paragraph by creating a setting Last week you created your

594 views • 10 slides

More recommend