{"title":"基于问题的用户信任需求的可信赖性推导","authors":"N. Mohammadi, Nelufar Ulfat-Bunyadi, M. Heisel","doi":"10.1109/PST.2018.8514183","DOIUrl":null,"url":null,"abstract":"The trustworthiness of cyber-physical systems (CPS) that support complex collaborative business processes is an emergent property. New technologies like cloud computing bring new capabilities for hosting and offering complex collaborative business operations. However, these advances might introduce new vulnerabilities and threats caused by collaboration and data exchange over the Internet. Hence, users become more concerned about trust. In order to address users’ trust concerns, trustworthiness requirements for the CPS must be elicited and satisfied. They describe the properties (qualities) the CPS must possess in order to be trustworthy. In this paper, we suggest a problem-based requirements engineering method that supports specifically the derivation of trustworthiness requirements. Based on identified trust concerns of users, trust assumptions are made explicit in problem diagrams. They express the conditions under which users are willing to trust. The problem diagrams and trust assumptions are then refined until they are concrete enough to derive trustworthiness requirements from them. During the refinement process, trust assumptions may influence and modify the system design (and vice versa, i.e., due to a certain system design, new trust concerns may arise that need to be addressed). In this way, users’ trust concerns are considered right from the beginning and trustworthiness is designed into the CPS. An application example from the healthcare domain is used to demonstrate our approach.","PeriodicalId":265506,"journal":{"name":"2018 16th Annual Conference on Privacy, Security and Trust (PST)","volume":"183 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Problem-based Derivation of Trustworthiness Requirements from Users’ Trust Concerns\",\"authors\":\"N. Mohammadi, Nelufar Ulfat-Bunyadi, M. Heisel\",\"doi\":\"10.1109/PST.2018.8514183\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The trustworthiness of cyber-physical systems (CPS) that support complex collaborative business processes is an emergent property. New technologies like cloud computing bring new capabilities for hosting and offering complex collaborative business operations. However, these advances might introduce new vulnerabilities and threats caused by collaboration and data exchange over the Internet. Hence, users become more concerned about trust. In order to address users’ trust concerns, trustworthiness requirements for the CPS must be elicited and satisfied. They describe the properties (qualities) the CPS must possess in order to be trustworthy. In this paper, we suggest a problem-based requirements engineering method that supports specifically the derivation of trustworthiness requirements. Based on identified trust concerns of users, trust assumptions are made explicit in problem diagrams. They express the conditions under which users are willing to trust. The problem diagrams and trust assumptions are then refined until they are concrete enough to derive trustworthiness requirements from them. During the refinement process, trust assumptions may influence and modify the system design (and vice versa, i.e., due to a certain system design, new trust concerns may arise that need to be addressed). In this way, users’ trust concerns are considered right from the beginning and trustworthiness is designed into the CPS. An application example from the healthcare domain is used to demonstrate our approach.\",\"PeriodicalId\":265506,\"journal\":{\"name\":\"2018 16th Annual Conference on Privacy, Security and Trust (PST)\",\"volume\":\"183 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 16th Annual Conference on Privacy, Security and Trust (PST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PST.2018.8514183\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 16th Annual Conference on Privacy, Security and Trust (PST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PST.2018.8514183","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Problem-based Derivation of Trustworthiness Requirements from Users’ Trust Concerns
The trustworthiness of cyber-physical systems (CPS) that support complex collaborative business processes is an emergent property. New technologies like cloud computing bring new capabilities for hosting and offering complex collaborative business operations. However, these advances might introduce new vulnerabilities and threats caused by collaboration and data exchange over the Internet. Hence, users become more concerned about trust. In order to address users’ trust concerns, trustworthiness requirements for the CPS must be elicited and satisfied. They describe the properties (qualities) the CPS must possess in order to be trustworthy. In this paper, we suggest a problem-based requirements engineering method that supports specifically the derivation of trustworthiness requirements. Based on identified trust concerns of users, trust assumptions are made explicit in problem diagrams. They express the conditions under which users are willing to trust. The problem diagrams and trust assumptions are then refined until they are concrete enough to derive trustworthiness requirements from them. During the refinement process, trust assumptions may influence and modify the system design (and vice versa, i.e., due to a certain system design, new trust concerns may arise that need to be addressed). In this way, users’ trust concerns are considered right from the beginning and trustworthiness is designed into the CPS. An application example from the healthcare domain is used to demonstrate our approach.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
