paper index | HOME

Title: Enforcing a Security Pattern in Stakeholder Goal Models
Author(s): Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, and Nobukazu Yoshioka.
Source: In Proc. of the 2008 ACM workshop on Quality of protection (QoP'08), pp. 9-13, Alexandria, Virginia, USA, Oct. 2008.

Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements.
Related Paper(s):