Contextualizing Security Goals: A Method for Multilateral Security Requirements Elicitation

In networked environments, the importance of eliciting security requirements as part of the process of requirements elicitation is increasing. Yet, it is difficult to articulate what security requirements are and how they can be elicited and implemented in the system. Few security requirements elicitation methods deal with the security needs of the end-users in specific contexts towards other end-users of the system – who may or may not be malicious. Often the affects of the users’ social as well as functional roles on their security interests are disregarded. The goal of this paper is to attend to these problems by introducing a method that integrates the process of eliciting security requirements of the end-users into the requirements elicitation process of a multilaterally secure system. Throughout the method emphasis is put on contextualizing security goals by analyzing the different viewpoints: whose security goal is it? against whom? for which functionality? which other users have a mutual interest in or conflict with the given security goal?