Finding and Resolving Security Misusability with Misusability Cases

Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems

Identifying Implicit Vulnerabilities through Personas as Goal Models

When used in requirements processes and tools, personas have the potential to identify vulnerabilities resulting from misalignment between user expectations and system goals. Typically, however, this potential is unfulfilled as personas and system goals are captured with different mindsets, by different teams, and for different purposes. If personas are visualised as goal models, it may be easier for stakeholders to see implications of their goals being satisfied or denied, and designers to incorporate the creation and analysis of such models into the broader RE tool-chain. This paper outlines a tool-supported approach for finding implicit vulnerabilities from user and system goals by reframing personas as social goal models. We illustrate this approach with a case study where previously hidden vulnerabilities based on human behaviour were identified

Formalizing and Modeling Enterprise Architecture (EA) Principles with Goal-oriented Requirements Language (GRL)

Item does not contain fulltex

Enhancing Goal-based Requirements Consistency: an Argumentation-based Approach

International audienceRequirements engineering research has for long recognized the leading role of goals as requirement artifacts during the requirements engineering specification processes. Given the large number of artifacts created during the requirements specification and the continuous evolution of these artifacts, reasoning about them remains a challenging task. Moreover, the rising complexity of the target domain under consideration during the requirements engineering process as well as the growth of geographically distributed projects explain why the number of collected requirements as well as their complexity also increase. In this context, providing support to stakeholders in achieving a common understanding of a set of goal-based requirements, in consolidating them and keeping them consistent over time is another challenging task. In this paper, we propose an approach to detect consistent sets of goal-based requirements and maintain their consistency over time. Our approach relies on argumentation theory which allows to detect the conflicts among elements called arguments. In particular, we rely on meta-argumentation, which instantiates abstract argumentation frameworks, where requirements are represented as arguments and the standard Dung-like argumentation framework is extended with additional relations between goal-based requirements

A synthesis of atmospheric mercury depletion event chemistry in the atmosphere and snow

It was discovered in 1995 that, during the spring time, unexpectedly low concentrations of gaseous elemental mercury (GEM) occurred in the Arctic air. This was surprising for a pollutant known to have a long residence time in the atmosphere; however conditions appeared to exist in the Arctic that promoted this depletion of mercury (Hg). This phenomenon is termed atmospheric mercury depletion events (AMDEs) and its discovery has revolutionized our understanding of the cycling of Hg in Polar Regions while stimulating a significant amount of research to understand its impact to this fragile ecosystem. Shortly after the discovery was made in Canada, AMDEs were confirmed to occur throughout the Arctic, sub-Artic and Antarctic coasts. It is now known that, through a series of photochemically initiated reactions involving halogens, GEM is converted to a more reactive species and is subsequently associated to particles in the air and/or deposited to the polar environment. AMDEs are a means by which Hg is transferred from the atmosphere to the environment that was previously unknown. In this article we review Hg research taken place in Polar Regions pertaining to AMDEs, the methods used to collect Hg in different environmental media, research results of the current understanding of AMDEs from field, laboratory and modeling work, how Hg cycles around the environment after AMDEs, gaps in our current knowledge and the future impacts that AMDEs may have on polar environments. The research presented has shown that while considerable improvements in methodology to measure Hg have been made but the main limitation remains knowing the speciation of Hg in the various media. The processes that drive AMDEs and how they occur are discussed. As well, the role that the snow pack and the sea ice play in the cycling of Hg is presented. It has been found that deposition of Hg from AMDEs occurs at marine coasts and not far inland and that a fraction of the deposited Hg does not remain in the same form in the snow. Kinetic studies undertaken have demonstrated that bromine is the major oxidant depleting Hg in the atmosphere. Modeling results demonstrate that there is a significant deposition of Hg to Polar Regions as a result of AMDEs. Models have also shown that Hg is readily transported to the Arctic from source regions, at times during springtime when this environment is actively transforming Hg from the atmosphere to the snow and ice surfaces. The presence of significant amounts of methyl Hg in snow in the Arctic surrounding AMDEs is important because this species is the link between the environment and impacts to wildlife and humans. Further, much work on methylation and demethylation processes has occurred but these processes are not yet fully understood. Recent changes in the climate and sea ice cover in Polar Regions are likely to have strong effects on the cycling of Hg in this environment; however more research is needed to understand Hg processes in order to formulate meaningful predictions of these changes

Mechanism of effector capture and delivery by the type IV secretion system from Legionella pneumophila

Legionella pneumophila is a bacterial pathogen that utilises a Type IV secretion (T4S) system to inject effector proteins into human macrophages. Essential to the recruitment and delivery of effectors to the T4S machinery is the membrane-embedded T4 coupling complex (T4CC). Here, we purify an intact T4CC from the Legionella membrane. It contains the DotL ATPase, the DotM and DotN proteins, the chaperone module IcmSW, and two previously uncharacterised proteins, DotY and DotZ. The atomic resolution structure reveals a DotLMNYZ hetero-pentameric core from which the flexible IcmSW module protrudes. Six of these hetero-pentameric complexes may assemble into a 1.6-MDa hexameric nanomachine, forming an inner membrane channel for effectors to pass through. Analysis of multiple cryo EM maps, further modelling and mutagenesis provide working models for the mechanism for binding and delivery of two essential classes of Legionella effectors, depending on IcmSW or DotM, respectively