Enforcing a security pattern in stakeholder goal models

Yu, Yijun; Kaiya, Haruhiko; Washizaki, Hironori; Xiong, Yingfei; Hu, Zhenjiang and Yoshioka, Nobukazu (2008). Enforcing a security pattern in stakeholder goal models. In: 4th ACM Workshop on Quality of Protection in conjunction with CCS '08, 15th ACM Conference on Computer and Communications Security, 27-31 Oct 2008, Alexandria, VA, USA.

DOI: https://doi.org/10.1145/1456362.1456366

Abstract

Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements.

Viewing alternatives

Metrics

Item Actions

Export

You can export this page using these formats Digital Object Identifier - DOI