Security Requirements Engineering: A Modelling Perspective
University of Essex, UK
The increasing demand of modern information systems to process and manage sensitive information and the introduction of relevant technological paradigms (e.g. Big Data, Cloud Computing, Internet of Things) has led researchers and industrialists to rethink the way that security (and its related issues such as trust, privacy and risk) is treated during the information systems development process. In the first part of this lecture, I will discuss the security modelling challenges, which are introduced in such complex systems, and I will outline the requirements that security modelling frameworks should fulfil. In the second part, I will present the foundations of a security modelling methodology, called Secure Tropos. From a theoretical perspective, I will describe its concepts, processes, and reasoning capabilities, while from a practical perspective I will present an ADOxx-based tool and some examples of how it can be used in practice.
Lecture at NEMO2017
Date/Time: Tuesday, July 25, 2017 at 14:30