期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于社交关系模型的系统安全分析方法 被引量:1

Security Design Based on Social Modeling
下载PDF
导出
摘要 安全问题已经成为现今信息技术在企业应用中要解决的重要问题,本文提出一种设计安全系统的方法框架,这个方法基于面向主体的需求建模框架i*,通过社交概念模型来分析与安全相关的系统的业务和组织环境.这个方法框架把安全分析和一般的软件工程分析方法结合起来,把安全性和系统相关的其他功能性需求和非功能性需求的共同分析,对需求进行权衡,从系统设计的初始阶段起就把安全措施整合进去.本文通过网上购物的实例用i*图示分析了设计过程中的相关步骤. We propose a methodological framework for designing security systems.This framework is founded on agent-oriented i^* requirement modeling framework. We propose to use social modeling concepts to analyze the business and organizational context of systems with regard to security. This methodological framework encompasses analysis on the functional and non-functional requirements in relevance to security, making trade-off when design, thus integrating security into the system design process from the outset. Tiffs paper uses the Online Ordering example for illustration.
作者 向坚 刘璘 YU Eric
机构地区 清华大学软件学院 多伦多大学信息学院
出处 《电子学报》 EI CAS CSCD 北大核心 2006年第B12期2350-2354,共5页 Acta Electronica Sinica
基金 国家自然科学基金(No.60503030) 清华信息科学与技术国家实验室基础研究基金 国家973重点基础研究计划(No.2002CB312004)
关键词 安全设计 社交关系模型 i^*框架 软件工程 security design social modeling i^* framework software engineering
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献9

  • 1Schneier, B. Beyond Fear, Thinking Sensibly About Security in an Uncertain World[ M]. Copernicus Books, 2003.
  • 2Liu L, Yu E, Mylopoulos J. Security and privacy requirements analysis within a social setting[A] .The 11^th IEEE Int Requirements Engineering Conference ( RE' 03 ) [ C ]. Monterey Bay,California USA, 2003.8 - 12.
  • 3Sandu R. Good-enough security: towards a pragmatic businessdriven discipline[ J] . IEEE Internet Computing. Security Track,2003 .7(1) :66 - 68.
  • 4Chung L, Nixon B A, Yu E, Mylopoulos J. Non-Functional Requirements in Software Engineering [ M ]. Kluwer Academic Publishers, 2000.
  • 5R Falcone, M Singh, Y H Tan, et al. Trust in Cyber-Soeiefies-Integrating the Human and Artificial Perspectives [ M]. Berlin:Springer,2001.175 - 194.
  • 6Yu E. Agent-oriented modelling: software versus the world[A].Agent-Oriented Software Engineering AOSE-2001 Workshop Proceedings[C]. LNCS 2222. Springer Verlag, 2001. 206-225.
  • 7Liu L, Yu E, Mylopoulos J. Security design based on social modeling [ A ]. Proceedings of Thirteenth Annual International Computer Software & Application Conference (COMPSAC)[ C]. Chicago, 2006.71 - 76.
  • 8Schneier B. Attack trees: modeling security threats [ J]. Dr Dobb's Journal, 1999,12(24) :21 - 29.
  • 9Yu E. Towards modeling and reasoning support for early-phase requirement engineering[ A]. Proceedings of the 3^rd IEEE International Symposium on Requirements Engineering(RE97) [ C ].Washington, 1997.226 - 235.

同被引文献8

  • 1Tom DeMarco, Tim Lister. Risk management during requirements[J].IEEE Software,2003,20(5) :99 - 101.
  • 2Feather M S,Comford S L,Hicks K A, Kiper J D,Menzies T. A broad quantitative model for making early requirements decisions[J]. IEEE Software,2008,25(2) :49 - 56.
  • 3Boness K, Finkelstein A, Harrison R. A lightweight technique for assessing risks in requirements analysis[ J ]. IET Software, 2008,2(1) :46 - 57.
  • 4Breciani P, Giorgini P, Giunchiglia F etal. Tropos: an agent-oriented software development methodology[J]. Autonomous Agents and Multi-Agent Systerns,2004,8(3 ):203- 236.
  • 5Ward S. Requirements for an effective project risk mana-gement process[ J ]. Project Management, 1999,30(3) :37 - 43.
  • 6Woolridge R W, McManus D J, Hale J E. Stakeholder risk assessment: an outcome-based approach [ J ]. IEEE Software, 2007,24(2) :36 - 45.
  • 7Wallace L, Keil M. Software project risks and their effect on outcomes[ J]. Communications of the ACM,2004,47(4) :68 - 73.
  • 8吴越,王智学,陈彬.需求模型中目标的关系及其发现方法[J].计算机工程,2008,34(14):35-37. 被引量:3

引证文献1

二级引证文献2

电子学报
2006年 第B12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部