A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs
نویسندگان
چکیده
In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is increasing acknowledgement that security is ultimately about trade-offs. One can only aim for “good enough” security, given the competing demands from many parties. In this paper, we examine how conceptual modeling can provide explicit and systematic support for analyzing security trade-offs. After considering the desirable criteria for conceptual modeling methods, we examine several existing approaches for dealing with security trade-offs. From analyzing the limitations of existing methods, we propose an extension to the i* framework for security trade-off analysis, taking advantage of its multi-agent and goal orientation. The method was applied to several case studies used to exemplify existing approaches.
منابع مشابه
Modeling and analysis of security trade-offs - A goal oriented approach
In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholders’ interests. Recently, there is i...
متن کاملGoal-Oriented Security Trade-Off Modeling and Analysis with Knowledge Support
In designing software systems, security is typically only one design objective among many, which may compete with other objectives such as privacy and usability. Too often, security mechanisms are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Ultimately, security is about balancing the trade-offs among the competing goals of mult...
متن کاملA Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs with Knowledge Support By
In designing software systems, security is typically only one design objective among many. It may compete with other objectives such as functionality, usability, and performance. Too often, security mechanisms such as firewalls, access control, or encryption are adopted without explicit recognition of competing design objectives and their origins in stakeholder interests. Recently, there is inc...
متن کاملModeling and Analyzing Openness Trade-Offs in Software Platforms: A Goal-Oriented Approach
[Context and motivation] Open innovation is becoming an important strategy in software development. Following this strategy, software companies are increasingly opening up their platforms to third-party products for extension and completion. [Question / problem] Opening up software platforms to thirdparty applications often involves difficult trade-offs between openness requirements and critica...
متن کامل