TRUST TRADE-OFF ANALYSIS FOR SECURITY REQUIREMENTS ENGINEERING Authors: Golnaz Elahi, PhD student at the University of Toronto, Canada Eric Yu, full professor.

Slides:

Advertisements

Similar presentations

As You Begin Your Research … Diljit Singh. Preparing for the Journey.

Advertisements

The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.

1 GRL Introduction Lin Liu University of Toronto April 2001.

Centralize or Decentralize? A Requirements Engineering Perspective on Internet-Scale Architectures Eric Yu University of Toronto July 2000.

<<Date>><<SDLC Phase>>

The Security Analysis Process University of Sunderland CIT304 Harry R. Erwin, PhD.

© Eric Yu Agenda Session 1 – Introduction December 13, 14:30-16:30 Motivations Basic concepts –The Strategic Dependency Model –The Strategic Rationale.

Shou Ray Information Service Co., Ltd.

University of Toronto Department of Computer Science © Steve Easterbrook. This presentation is available free for non-commercial use with attribution.

Projects Key dates lists of suggested projects published * *You are highly encouraged to choose a project yourself or find a relevant project.

CSCI928 Software Engineering Requirements & Specifications Modeling System Interactions Tri A. Kurniawan, M.Eng. Ph.D Candidate

Chapter 1 Assuming the Role of the Systems Analyst

UAMS Department of Biochemistry and Molecular Biology

Analyzing Goal Models – Different Approaches and How to Choose Among Them Jennifer Horkoff 1 Eric Yu 2 1 Department of Computer Science 2 Faculty of Information.

Evaluating Goal Achievement in Enterprise Modeling – An Interactive Procedure and Experiences Jennifer Horkoff 1 Eric Yu 2 1 Department of Computer Science,

Jerry KotubaSYST39409-Object Oriented Methodologies1 Object Oriented Methodologies Week04.

R EFLECTIVE A NALYSIS OF THE S YNTAX AND S EMANTICS OF THE i* F RAMEWORK Jennifer Horkoff, Golnaz Elahi, Samer Abdulhadi, Eric Yu Department of Computer.

SecureTropos ST-Tool A CASE tool for security-aware software requirements analysis Departement of Information and Communication Technology – University.

TC Methodology Massimo Cossentino (Italian National Research Council) Radovan Cervenka (Whitestein Technologies)

TOWARDS ADVANCED GOAL MODEL ANALYSIS WITH JUCMNAV Daniel Amyot, Azalia Shamsaei, Jason Kealey, Etienne Tremblay, Andrew Miga, Gunter Mussbacher, and Mohammad.

Selecting Security Patterns that Fulfill Security Requirements Method presentation by Ondrej Travnicek Utrecht University Method Engineering 2014.

1 GRL Tools JUCMNav vs. OpenOME CSI5112 – Project Winter 2008 Bo Peng, Li Chen, Yessine Daadaa.

Information Systems: Databases Define the role of general information systems Describe the elements of a database management system (DBMS) Describe the.

Loc-based Variability for Mobile Information Systems Raian Ali, Fabiano Dalpiaz, Paolo Giorgini CAiSE’ June 2008.

Applying a Goal-Oriented Method for Hazard Analysis: A Case Study Sam Supakkul The University of Texas at Dallas Lawrence Chung The.

1 Sobah Abbas Petersen Adjunct Associate Professor TDT4252 Modelling of Information Systems Advanced Course Lecture 5: i*modelling.

1 From GORE (not the US presidential candidate) to AORE (Agent-Oriented Requirements Engineering) Eric Yu University of Toronto November 2000.

Smart Searching Library Instruction Fall Breaking down your Topic Imagine the title of the ideal book or magazine article – The virtual economies.

Jan 20-21, 2005Weiss and Amyot, MCETECH 051 Designing and Evolving Business Models with the User Requirements Notation Michael Weiss (Carleton University)

Exploring the Intentional Dimension during Software (Architecture) Design adding the “why” and the “who/where” to the “what” and the “how” Daniel Gross.

© Eric Yu Strategic Actor Relationships Modelling with i* Eric Yu University of Toronto December 13-14, 2001 IRST, Trento, Italy.

S CHOOL OF I NFORMATION T ECHNOLOGY AND E NGINEERING U NIVERSITY OF O TTAWA, C ANADA Daniel Amyot Q18/17 (URN) Rapporteur User Requirements.

Chapter 13 Architectural Design

Approaching a Problem Where do we start? How do we proceed?

Modeling the goal argumentation method By A. J. Jansen.

Analysis Modeling. Function Modeling & Information Flow  Information is transformed as it flows through a computer-based system. The system accepts input.

Qusay H. Mahmoud CIS* CIS* Service-Oriented Computing Qusay H. Mahmoud, Ph.D.

Raian Ali, Fabiano Dalpiaz, Paolo Giorgini Location-based Software Modeling and Analysis: Tropos-based Approach.

Presentation on Issues and Challenges in Evaluation of Agent-Oriented Software Engineering Methodologies By: kanika singhal.

Requirement Engineering for Trust Management : Model, Methodology Reasoning P. Giorgini, F. Massacci, J. Mylopoulos, N. Zannone, “Requirements Engineering.

For Goal-Driven Business Process Modeling Saeed A.Behnam,  Daniel Amyot, Gunter Mussbacher SITE, University of.

1 Evolving System Architecture to Meet Changing Business Goals An Agent and Goal-Oriented Approach Daniel Gross & Eric Yu Faculty of Information Studies.

Economics 1-3: ESSENTIAL QUESTION: What is the relationship between trade-offs and opportunity costs? GPS STANDARD: SSEF2- a.) Illustrate by means of a.

A Goal Based Methodology for Developing Domain-Specific Ontological Frameworks Faezeh Ensan, Weichang Du Faculty of Computer Science, University of New.

Using Meta-Model-Driven Views to Address Scalability in i* Models Jane You Department of Computer Science University of Toronto.

Health eDecisions Use Case 2: CDS Guidance Service Strawman of Core Concepts Use Case 2 1.

Chapter 8 Problem-Solving Using Define, Measure, Analyze, Improve, Control.

1 Proposal Of A Generic Visual Critic Authoring Framework By: Norhayati Mohd.Ali PhD Candidate [1 st Year : PhD] Supervisors: Prof.John Grundy & Prof.John.

Project Thesis 2006 Adapted from Flor Siperstein Lecture 2004 Class CLASS Project Thesis (Fundamental Research Tools)

1 Structuring Knowledge for a Security Trade-offs Knowledge Base Golnaz Elahi Department of Computer Science Eric Yu Faculty of Information Study University.

S CHOOL OF I NFORMATION T ECHNOLOGY AND E NGINEERING U NIVERSITY OF O TTAWA, C ANADA Daniel Amyot Q18/17 (URN) Rapporteur User Requirements.

 2001 John Mylopoulos STRAW’ Software Architectures as Social Structures John Mylopoulos University of Toronto First ICSE Workshop titled “From.

Modeling Test Cases to Multi-Agent Systems Andrew Diniz da Costa

ISI Web of Knowledge update: October What’s New? Conference Proceedings Citation Indexes now in Web of Science –Two editions – Science and Social.

Chapter 13 설계 개념 Architectural Design 임현승 강원대학교 Revised from the slides by Roger S. Pressman and Bruce R. Maxim for the book “Software Engineering: A Practitioner’s.

Seven times table Self test: 8 questions and answers sequentialrandom.

Policy Based Management for Internet Communities Kevin Feeney, Dave Lewis, Vinny Wade, Knowledge and Data Engineering Group Trinity College Dublin Policy.

Method engineering [infome] paper presentation Rodi heijbom

Your Interactive Guide to the Digital World Discovering Computers 2012 Chapter 12 Exploring Information System Development.

A Tool for Trade-off Resolution on Architecture-Centered Software Development Authors: Italo Silva, Patrick Brito, Baldoino Neto, Evandro Costa and Hemilis.

A SYSTEMATIC REVIEW OF THE LITERATURE OF RISK ASSESSMENT APPLICATIONS IN REGULATORY TOXICOLOGY Wen-Sheng Ko 1, Wen-Ta Chiu 2, Wen-Sen Lee 3 and Yuh-Shan.

Chapter 2: Hypothesis development: Where research questions come from.

The Use of Strategic Goal Modeling

Conference on National Platforms for SDG Reporting

Adrian Diaz Eric Clark Tim Peek

Systems Analysis – ITEC 3155 Modeling System Requirements – Part 2

TDT4252 Modelling of Information Systems Advanced Course

Detecting Conflicts of Interest

How to choose a title? Don’t’s:

UAMS Department of Biochemistry and Molecular Biology

Presentation transcript:

TRUST TRADE-OFF ANALYSIS FOR SECURITY REQUIREMENTS ENGINEERING Authors: Golnaz Elahi, PhD student at the University of Toronto, Canada Eric Yu, full professor at the University of Toronto, Canada Presenter: Bas Vlug

About the method Seven step agent- and goal-oriented method for analyzing security requirements 1. Identify actors and actors’ dependencies 2. Model and refine actors’ goals 3. Discover and model trust relationships in the dependency chain 4. Recording trust rationale 5. Replace the trustee party with a corresponding malicious party 6. Model and analyze vulnerabilities 7. Analyze the trust trade-offs Provides the capability to analyze potential malicious behavior of trustee parties

Process- Deliverable Diagram

Example Imagine: an organization wants to make a back-up Alternative: store back-up in the cloud!

Step 1: Identify actors & dependencies

Step 2: Model & refine goals

Step 3: Model trust relationships Step 4: Record trust rationale &

&

&

Step 5: Model malicious party

Step 6: Model vulnerabilities

Intermezzo: Create models for other alternatives! Store back-up locally? Don’t make a back-up at all?

Step 7: Analyze trust trade-offs

AlternativeGoal 1Goal 2Goal 3Goal 4Goal 5 Alternative 1PSFSPDFSPS Alternative 1 counterpart FDPDFDPD Alternative nFSPSFDFS Alternative n counterpart PD FD

Related literature - positioning Agent-oriented modelling notations i* Goal-oriented Requirements Language (GRL) Eric Yu’s seminal proposal Trust trade-off analysis for security requirements engineering TROPOS … (Ayala, C., Cares, C., Carvallo, J., Franch, X., Grau, G., Haya, M., Mayol, E., Quer, C., Salazar, G. (2005). A Comparative Analysis of i*-Based Agent-Oriented Modeling Languages. Proceedings of 17th International Conference on Software Engineering and Knowledge Engineering, Taipei, Taiwan, )

Related literature – contribution Cited 9 times 4x self citation Used for: Even Swaps decision analysis Method that could be used when choosing an alternative from the trust trade-off table Not part of the method itself.

Questions?