Security Requirements Engineering: Designing Secure Socio-Technical Systems available in Hardcover
- ISBN-10: 0262034212
- ISBN-13: 9780262034210
- Pub. Date: 01/22/2016
- Publisher: MIT Press
Overview
Security requirements engineering is especially challenging because designers must consider not just the software under design but also interactions among people, organizations, hardware, and software. Taking this broader perspective means designing a secure socio-technical system rather than a merely technical system. This book presents a novel, model-driven approach to designing secure socio-technical systems. It introduces the Socio-Technical Modeling Language (STS-ML) and presents a freely available software tool, STS-Tool, that supports this design approach through graphical modeling, automated reasoning capabilities to verify the models constructed, and the automatic derivation of security requirements documents.
After an introduction to security requirements engineering and an overview of computer and information security, the book presents the STS-ML modeling language, introducing the modeling concepts used, explaining how to use STS-ML within the STS method for security requirements, and providing guidelines for the creation of models. The book then puts the STS approach into practice, introducing the STS-Tool and presenting two case studies from industry: an online collaborative platform and an e-Government system. Finally, the book considers other methods that can be used in conjunction with the STS method or that constitute an alternative to it. The book is suitable for course use or as a reference for practitioners. Exercises, review questions, and problems appear at the end of each chapter.
Product Details
| ISBN-13: | 9780262034210 |
|---|---|
| Publisher: | MIT Press |
| Publication date: | 01/22/2016 |
| Series: | Information Systems |
| Edition description: | New Edition |
| Pages: | 224 |
| Product dimensions: | 7.00(w) x 9.10(h) x 0.70(d) |
| Age Range: | 18 Years |
About the Author
Elda Paja is a Postdoctoral Research Fellow in the Department of Engineering and Computer Science at the University of Trento, Italy.
Paolo Giorgini is Associate Professor in the Department of Engineering and Computer Science at the University of Trento.
Table of Contents
List of Figures xiii
List of Tables xvii
Preface xix
I Introduction 1
1 Security Requirements Engineering 3
1.1 The dawn of security requirements engineering 3
1.2 The era of socio-technical systems 5
1.3 Security in socio-technical systems 6
1.4 On the need of a new approach 7
1.5 Running example: healthcare 8
2 An Overview of Computer and Information Security 11
2.1 A security taxonomy 12
2.1.1 Confidentiality 12
2.1.2 Integrity 13
2.1.3 Availability 14
2.1.4 Authenticity
2.1.5 Reliability 15
2.1.6 Accountability 15
2.2 Managing security: threat and risk analysis 16
2.2.1 Identification of assets and threats 17
2.2.2 Finding and assessing vulnerabilities 18
2.2.3 Risk assessment 20
2.2.4 Risk response: counter measures 20
2.3 Security mechanisms 22
2.4 Chapter summary 27
2.5 Exercises 27
Review questions 27
II The STS-ml Modeling Language 29
3 The Socio-Technical Security Modeling Language 31
3.1 The ten design principles for STS-ml 31
3.2 Representing actors in socio-technical systems 35
3.2.1 Actor types 35
3.2.2 Actor assets 37
3.2.3 Actor models 41
3.2.4 Structuring information and documents 45
3.3 Modeling the interactions among actors 46
3.4 Events and threats 51
3.5 Expressing security requirements in STS-ml 52
3.5.1 Confidentiality 53
3.5.2 Integrity 58
3.5.3 Availability 60
3.5.4 Authenticity 62
3.5.5 Reliability 64
3.5.6 Accountability 66
3.6 Chapter summary 69
3.7 Exercises 70
Review questions 70
Problems 71
4 Social, Information, and Authorization Views 73
4.1 Multi-view modeling in STS-ml 73
4.2 Social view 74
4.2.1 Concepts and intentional relationships 75
4.2.2 Social relationships 81
4.2.3 Events and threats 82
4.2.4 Security requirements in the social view 82
4.3 Information view 87
4.4 Authorization view 90
4.5 Chapter summary 93
4.6 Exercises 94
Review questions 94
Problems 94
III From STS-ml to the STS Method 97
5 Automated Analysis of STS-ml Models 99
5.1 Model well-formedness analysis 100
5.1.1 Empty diagram 100
5.1.2 Goal single decomposition 100
5.1.3 Delegation child cycle 101
5.1.4 Documents part-of cycle 101
5.1.5 Information part-of cycle 101
5.1.6 Information without ownership 102
5.1.7 Authorizations validity 102
5.1.8 Duplicate authorizations 102
5.2 Requirements conflict analysis: security analysis 103
5.2.1 Conflicting authorizations 103
5.2.2 Conflicts between business policies and security requirements 105
5.3 Threat analysis 112
5.4 Improving a model through analysis 114
5.4.1 Well-formedness analysis 114
5.4.2 Security analysis 115
5.4.3 Threat analysis 116
5.5 Chapter summary 116
5.6 Exercises 117
Review questions 117
Problems 117
6 The Socio-Technical Security Method 119
6.1 Method overview 119
6.2 STS as part of software/systems engineering methods 121
6.3 Process and roles 121
6.4 Phase 1: social modeling 124
6.5 Phase 2: information modeling 125
6.6 Phase 3: authorization modeling 126
6.7 Phase 4: automated analysis 126
6.8 Phase 5: specification 127
6.9 Chapter summary 128
6.10 Exercises 128
Review questions 128
Problems 128
IV STS in Practice: Tool and Case Studies 131
7 STS-Tool 133
7.1 Modeling features 133
7.2 Analysis support 135
7.3 Security requirements derivation 136
7.4 Architectural overview 139
7.5 Chapter summary 140
7.6 Exercises 141
Review questions 141
Problems 141
8 STS Method in Action 143
8.1 Trentino as a Lab 143
8.1.1 Social modeling 144
8.1.2 Information modeling 149
8.1.3 Authorization modeling 152
8.1.4 Automated analysis 154
8.1.5 Specification 158
8.2 E-Government 158
8.2.1 Social modeling 160
8.2.2 Information modeling 163
8.2.3 Authorization modeling 165
8.2.4 Automated analysis 167
8.2.5 Specification 170
8.3 Chapter summary 171
8.4 Exercises 171
Review questions 171
Problems 172
V Beyond the STS Method 173
9 Alternative and Complementary Approaches 175
9.1 Extensions of use cases 175
9.2 Anti-goals 178
9.3 Abuse frames 179
9.4 SecureUML 181
9.5 UMLsec 182
9.6 Secure Tropos 184
9.7 SI* 185
9.8 SecBPMN 188
9.9 SQUARE 189
9.10 STRIDE 191
9.11 Security patterns 192
9.12 Summary 192
9.13 Exercises 194
Review questions 194
Bibliography 195
Index 199
What People are Saying About This
Information security concerns are becoming crucial in a society that increasingly relies on socio-technical systems, where humans and organizations live in cyberspaces governed by technology. How can designers be guided to understand security requirements? How can these be formulated as explicit design goals? How can development of complex socio-technical systems follow such requirements? No other book presently answers these questions. Thanks to the didactic effort of world-leading researchers, you can find a comprehensive set of answers in this book.
Carlo Ghezzi, Professor of Software Engineering, Politecnico di Milano
Software-intensive systems do not operate in a vacuum: they are typically part of a social environment in which they affect and are affected by phenomena in the real world. This also means that such systems can be adversely affected by misuse, intentional or malicious, and, therefore, engineers increasingly carry the responsibility of developing systems that also address a range of security requirements, which also need to be understood, communicated, and subsequently, implemented. This book is a welcome and timely contribution to research and practice in this crucial area of engineering secure systems. Its focus on security requirements deals squarely with the challenge at source: the problem world, where assets, threats, and malicious agents reside.
Bashar Nuseibeh, Professor of Computing, The Open University; Professor of Software Engineering, Lero