A comparative review of i∗-based and use case-based security modelling initiatives

2012 Sixth International Conference on Research Challenges in Information Science (RCIS) Pub Date : 2012-05-16 DOI:10.1109/RCIS.2012.6240434

O. Daramola, Yushan Pan, P. Kárpáti, G. Sindre

{"title":"A comparative review of i∗-based and use case-based security modelling initiatives","authors":"O. Daramola, Yushan Pan, P. Kárpáti, G. Sindre","doi":"10.1109/RCIS.2012.6240434","DOIUrl":null,"url":null,"abstract":"Security requirements elicitation and modelling are integral for the successful development of secure systems. However, there are a lot of similar yet not identical approaches that currently exist for security requirements modelling, which is confusing for researchers and practitioners hence some characterisation will be useful to give a better overview and understanding of advantages and disadvantages of various approaches. This paper provides a comparative review of i*-based and use case - based security modelling initiatives, using a characterisation framework with several dimensions. Our findings show that both categories of initiatives have significant conceptual similarities in the aspect of modelling language and method process, and coverage of security requirements modelling notions. They have conceptual differences in the aspect of: representation perspective, kind of security requirements engineering activities that are supported, the quality of specification that is generated and the specification techniques used, and the degree of support for software evolution.","PeriodicalId":130476,"journal":{"name":"2012 Sixth International Conference on Research Challenges in Information Science (RCIS)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Sixth International Conference on Research Challenges in Information Science (RCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RCIS.2012.6240434","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Security requirements elicitation and modelling are integral for the successful development of secure systems. However, there are a lot of similar yet not identical approaches that currently exist for security requirements modelling, which is confusing for researchers and practitioners hence some characterisation will be useful to give a better overview and understanding of advantages and disadvantages of various approaches. This paper provides a comparative review of i*-based and use case - based security modelling initiatives, using a characterisation framework with several dimensions. Our findings show that both categories of initiatives have significant conceptual similarities in the aspect of modelling language and method process, and coverage of security requirements modelling notions. They have conceptual differences in the aspect of: representation perspective, kind of security requirements engineering activities that are supported, the quality of specification that is generated and the specification techniques used, and the degree of support for software evolution.

查看原文本刊更多论文

基于i *和基于用例的安全建模计划的比较回顾

安全需求的提取和建模对于安全系统的成功开发是不可或缺的。然而，目前存在许多类似但不相同的安全需求建模方法，这让研究人员和从业人员感到困惑，因此一些特征描述将有助于更好地概述和理解各种方法的优缺点。本文使用具有多个维度的表征框架，对基于i*和基于用例的安全建模计划进行了比较回顾。我们的发现表明，这两类计划在建模语言和方法过程以及安全需求建模概念的覆盖方面具有显著的概念相似性。它们在以下方面有概念上的差异:表示角度、所支持的安全需求工程活动的种类、所生成的规范的质量和所使用的规范技术，以及对软件发展的支持程度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Sixth International Conference on Research Challenges in Information Science (RCIS)

自引率

0.00%

发文量