Enforcing a security pattern in stakeholder goal models

Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, Nobukazu Yoshioka

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Citations (Scopus)

Abstract

Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements.

Original languageEnglish
Title of host publicationProceedings of the 4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Pages9-13
Number of pages5
DOIs
Publication statusPublished - 2008 Dec 1
Event4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 - Alexandria, VA, United States
Duration: 2008 Oct 272008 Oct 31

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Conference

Conference4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
CountryUnited States
CityAlexandria, VA
Period08/10/2708/10/31

Keywords

  • Goal models
  • Model transformations
  • RBAC
  • Security patterns

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Enforcing a security pattern in stakeholder goal models'. Together they form a unique fingerprint.

  • Cite this

    Yu, Y., Kaiya, H., Washizaki, H., Xiong, Y., Hu, Z., & Yoshioka, N. (2008). Enforcing a security pattern in stakeholder goal models. In Proceedings of the 4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 (pp. 9-13). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1456362.1456366