Towards the development of secure information systems: Security Reference Diagram and Security Attack Scenarios

Security is one of the main challenges that developers of information systems face. However, current methodologies for information system development do not provide enough evidence of integrating successfully security concerns throughout the whole range of the development process. In this paper, we provide an approach towards the solution of two of the problems associated with the integration of security. Moreover, we describe how our approach can be integrated within the Tropos methodology and we illustrate it with the aid of a real-life example

Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems

Security is a crucial issue for information systems. Traditionally, security is considered after the definition of the system. However, this approach often leads to problems, which translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and systems engineering. This paper argues for the need to develop a methodology that considers security as an integral part of the whole system development process. The paper contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a case study; a health and social care information system

When Security meets Software Engineering: A case of modelling secure information systems

Although security is a crucial issue for information systems, traditionally, it is considered after the definition of the system. This approach often leads to problems, which most of the times translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and software engineering. This paper firstly argues for the need to develop a methodology that considers security as an integral part of the whole system development process, and secondly it contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a real-life case study; a health and social care information system

Secure Tropos: A Security-Oriented Extension of the Tropos methodology

Although security plays an important role in the development of multiagent systems, a careful analysis of software development processes shows that the definition of security requirements is, usually, considered after the design of the system. One of the reasons is the fact that agent oriented software engineering methodologies have not integrated security concerns throughout their developing stages. The integration of security concerns during the whole range of the development stages can help towards the development of more secure multiagent systems. In this paper we introduce extensions to the Tropos methodology to enable it to model security concerns throughout the whole development process. A description of the new concepts and modelling activities is given along with a discussion on how these concepts and modelling activities are integrated to the current stages of Tropos. A real life case study from the health and social care sector is used to illustrate the approach

Progressing problems from requirements to specifications in problem frames

One of the problems with current practice in software development is that often customer requirements are not well captured, understood and analysed, and there is no clear traceable path from customer requirements to software specifications. This often leads to a mismatch between what the customer needs and what the software developer understands the customer needs. In addition to capturing, understanding and analysing requirements, requirements engineering (RE) aims to provide methods to allow software development practitioners to derive software specifications from requirements. Although work exists towards this aim, the systematic derivation of specifications from requirements is still an open problem. This thesis provides practical techniques to implement the idea of problem progression as the basis for transforming requirements into specifications. The techniques allow us to progress a software problem towards identifying its solution by carefully investigating the problem context and re-expressing the requirement statement until a specification is reached. We develop two classes of progression techniques, one formal, based on Hoare’s Communicating Sequential Processes (CSP), and one semi-formal, based on a notion of causality between events. The case studies in this thesis provide some validation for the techniques we have developed

The Tropos Modeling Language. A User Guide

Tropos e` una nuova metodologia basata sul paradigma dei sistemi multi-agente che supporta il progettista in tutto il processo di sviluppo del software, dall'analisi dei requisiti all'implementazione del sistema. Essa vuole offrire un approccio strutturato allo sviluppo del software, basato sulla costruzione di modelli concettuali definiti secondo un linguaggio di modellazione visuale, i cui elementi base sono concetti quali agente (attore), credenze, obiettivi, piani e intenzioni. Tropos si caratterizza per tre idee chiave: (i) le nozioni di agente, goal, piani e altre nozioni mentalistiche sono usate lungo tutte le fasi di sviluppo del software; (ii) l'adozione di un approccio allo sviluppo del software guidato dai requisiti anziché dai vincoli dettati dalla piattaforma di implementazione scelta; (iii) la costruzione di modelli concettuali seguendo un approccio trasformazionale di tipo incrementale. Questo lavoro si colloca all'interno di un progetto che coinvolge diverse università e istituti di ricerca nel mondo, tra le quali l'Università degli Studi di Trento e l'ITC-irst. Obiettivo di questo documento è quello di fornire una guida all'uso della metodologia Tropos lungo tutte le fasi del processo di sviluppo del software con particolare enfasi al linguaggio di modellazione visuale. Il linguaggio utilizzato in Tropos è un linguaggio di specifica semiformale caratterizzato da un'ontologia, un meta-modello, una notazione grafica e un insieme di regole. L'ontologia è rappresentata da un insieme di concetti per la modellazione (attori, goal, piani) e di relazioni tra questi (dipendenze). Il meta-modello (descritto tramite diagrammi delle classi UML) è necessario per la specifica dei modelli Tropos. Ciascun concetto definito all'interno del meta-modello dispone della propria rappresentazione grafica che lo identifica lungo tutte le fasi del processo. Sono disponibili vari diagrammi che catturano aspetti statici e dinamici dei modelli da più punti di vista. Ogni diagramma è costruito seguendo un insieme di regole precise che guidano all'uso dei concetti durante le diverse fasi del processo di sviluppo del software

A security oriented approach in the development of multiagent systems : applied to the management of the health and social care needs of older people in England.

Security can play an important role in the development of some multi agent systems. However, a careful analysis of software development processes indicates that the definition of security requirements is, usually, considered after the design of the system. This approach, usually, leads to problems, such as conflicts between security and functional requirements, which can translate into security vulnerabilities. As a result, the integration of security issues in agent oriented software engineering methodologies has been identified as an important issue. Nevertheless, developers of agent oriented software engineering methodologies have mainly neglected security engineering and in fact very little evidence has been reported on work that integrates security issues into the development stages of agent oriented software engineering methodologies. This thesis advances the current state of the art In agent oriented software engineering in many ways. It identifies problems associated with the integration of security and software engineering and proposes a set of minimum requirements that a security oriented process should demonstrate. It extends the concepts and the development process of the Tropos methodology with respect to security to allow developers, even those with minimum security knowledge, to identify desired security requirements for their multi agent systems, reason about them, and as a result develop a system that satisfies its security requirements. In doing so, this research has developed (1) an analysis technique to enable developers to select amongst alternative architectural styles using as criteria the security requirements of the system, (2) a pattern language consisting of security patterns for multi agent systems, and (3) a scenario-based technique that allows developers to test the reaction of the system to potential attacks. The applicability of the approach is demonstrated by employing it in the development of the electronic single assessment process (eSAP) system, a real-life case study that provided the initial motivation for this research

A Methodology for Modelling Mobile Agent-Based Systems (Mobile agent Mobility Methodology - MaMM)

Mobile agents are a particular type of agents that have all the characteristics of an agent and also demonstrate the ability to move or migrate from one node to another in a network environment. Mobile agents have received considerable attention from industry and the research community in recent times due to the fact that their special characteristic of migration help address issues such as network overload, network latency and protocol encapsulation. Due to the current focus in exploiting agent technology mainly in a research environment, there has been an influx of software engineering methodologies for developing multi-agent systems. However, little attention has been given to modelling mobile agents. For mobile agent-based systems to become more widely accepted there is a critical need for a methodology to be developed to address various issues related to modelling mobility of agent . This research study provides an overview of the current approaches, methodologies and modelling languages that can be used for developing multi-agent systems. The overview indicates extensive research on methodologies for modelling multi-agent systems and little on mobility in mobile agent-based systems. An original contribution in this research known as Mobile agent-based Mobility Methodology (MaMM) is the methodology for modelling mobility in mobile agent-based systems using underlying principles of Genetic Algorithms (GA) with emphasis on fitness functions and genetic representation. Delphi study and case studies were employed in carrying out this research