An Ontology for Secure Socio-Technical Systems
نویسندگان
چکیده
Security is often compromised by exploiting vulnerabilities in the interface between the organization and the information systems that support it. This reveals the necessity of modeling and analyzing information systems together with the organizational setting where they will operate. In this chapter we address this problem by presenting a modeling language tailored to analyze the problem of security at an organizational level. This language proposes a set of concepts founded on the notions of permission, delegation, and trust. The chapter also presents a semantics for these concepts, based on Datalog. A case study from the bank domain is employed to illustrate the proposed language.
منابع مشابه
On Supporting a Meta-design Approach in Socio-Technical Ontology Engineering
Many studies have revealed the fact of the complexity of ontology building process. Therefore there is a need for a new approach which one of that addresses the socio-technical aspects in the collaboration to reach a consensus. Meta-design approach is considered applicable as a method in the methodological model of socio-technical ontology engineering. Principles in the meta-design framework ar...
متن کاملSTS-Tool: Security Requirements Engineering for Socio-Technical Systems
We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actorand goal-oriented security requirements modelling language for socio-technical systems. We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical systems as a set of interacting actors, who have security needs over their interactions, and (...
متن کاملDesigning Secure Socio-Technical Systems with STS-ml
A Socio-Technical System (STS) is an interplay of humans, organizations and technical systems. STSs consist of interacting actors, which depend on one another to achieve their objectives. In previous work, we have proposed STS-ml, a security requirements modelling language (using i*-like primitives such as actor, goal, delegation) for the design of secure STSs. STS-ml represents security requir...
متن کاملFrom Secure Business Process Models to Secure Artifact-Centric Specifications
Making today’s systems secure is an extremely difficult and challenging problem. Socio and technical issues interplay and contribute in creating vulnerabilities that cannot be easily prevented without a comprehensive engineering method. This paper presents a novel approach to support process-aware secure systems modeling and automated generation of secure artifact-centric implementations. It co...
متن کاملAgent-Based Modelling of Socio-Technical Systems (Agent-Based Social Systems) by Koen H. van Dam, Igor Nikolic and Zofia Lukszo (eds.)
agent based modelling of socio technical systems agent agent-based modeling and analysis of socio-technical systems capturing socio-technical systems with agent-based human behaviour modelling in complex sociotechnical agent-based social systems springer agent based modeling of large-scale socio-technical metal substantiating agent-based quality goals for understanding chapter 9 next steps in m...
متن کامل