Global Design for Secure Socio-Technical Systems
نویسندگان
چکیده
Socio-Technical Systems (STS) consist of people, software, hardware and organizational units. The pervasiveness and complexity of STSs make security analysis both particularly challenging and especially critical. Traditional security analysis techniques that address security in a piecemeal fashion (e.g. only for software, or only for business processes) are insufficient for addressing global security concerns and have been found often to leave serious STS vulnerabilities untreated. In this proposal, we aim at developing a comprehensive framework that consists of concepts, techniques and tools for designing secure STSs. In our framework, a STS consists of organizational goals and security requirements, businesses and industrial processes through which requirements are satisfied, software applications that support those processes, and system infrastructure that supports both processes and applications. We intend to propose a systematic process to analyze and design each part of the STSs, and finally provide an all-round security design for STSs.
منابع مشابه
Docignmg Secure and Usable Systems
People are the weakest link in the security chain” Bruce Schneier The aim of the thesis is to investigate the process of designing secure systems, and how designers can ensure that security mechanisms are usable and effective in practice. The research perspective is one of security as a socio-technical system. A review of the literature of security design and Human Computer Interactions in Secu...
متن کاملSTS-Tool: Security Requirements Engineering for Socio-Technical Systems
We present the latest version of STS-Tool, the modelling and analysis support tool for STS-ml, an actorand goal-oriented security requirements modelling language for socio-technical systems. We show how the STS-Tool supports requirements analysts and security designers in (i) modelling socio-technical systems as a set of interacting actors, who have security needs over their interactions, and (...
متن کاملDesigning Secure Socio-Technical Systems with STS-ml
A Socio-Technical System (STS) is an interplay of humans, organizations and technical systems. STSs consist of interacting actors, which depend on one another to achieve their objectives. In previous work, we have proposed STS-ml, a security requirements modelling language (using i*-like primitives such as actor, goal, delegation) for the design of secure STSs. STS-ml represents security requir...
متن کاملRevealing the Socio-Technical Design of Global E-Businesses: A Case of Digital Artists Engaging in Radical Transparency
Global e-businesses such as Google, Amazon and E-bay affect both users and society. How can society begin to understand this duality in the socio-technical affordances of e-business? This paper examines a digital art performance as an example of the tensions between capitalist businesses and the public commons. Using notions of transparency and knowledge as a form of Knowledge Management rooted...
متن کاملSocio-technical Systems Theory and Environmental Sustainability
This paper argues for the relevance and utility of socio-technical systems theory for designing solutions to the challenges we face from climate change and managing the impact of human activity on the environment. Socio-technical systems theory defines systems as a collection of messy, complex, problem-solving components. This paper identifies two elements of sociotechnical systems theory most ...
متن کامل