Enforcing a security pattern in stakeholder goal models

Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, Nobukazu Yoshioka

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements.

Original languageEnglish
Title of host publicationProceedings of the 4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Pages9-13
Number of pages5
DOIs
Publication statusPublished - 2008 Dec 1
Event4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08 - Alexandria, VA, United States
Duration: 2008 Oct 272008 Oct 31

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Conference

Conference4th ACM Workshop on Quality of Protection, QoP'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
CountryUnited States
CityAlexandria, VA
Period08/10/2708/10/31

Keywords

  • Goal models
  • Model transformations
  • RBAC
  • Security patterns

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Enforcing a security pattern in stakeholder goal models'. Together they form a unique fingerprint.

Cite this