A Social Ontology for Integrating Security and Software Engineering

2007 ◽  
pp. 70-106 ◽  
Author(s):  
E. Yu ◽  
L. Liu ◽  
J. Mylopoulous
Keyword(s):  
Software Engineering ◽  
Social Ontology ◽  
Software Systems ◽  
Engineering Process ◽  
Future Directions ◽  
The Core ◽  
Modelling Framework ◽  
The Social ◽  
The World ◽  
Software Engineering Process

As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in security mecha-nisms and technologies, most software systems in the world remain precarious and vulnerable. There is now widespread recognition that security cannot be achieved by technology alone. All software systems are ultimately embedded in some human social environment. The effectiveness of the system depends very much on the forces in that environment. Yet there are few systematic techniques for treating the social context of security together with technical system design in an integral way. In this chapter, we argue that a social ontology at the core of a requirements engineering process can be the basis for integrating security into a requirements driven software engineering process. We describe the i* agent-oriented modelling framework and show how it can be used to model and reason about security concerns and responses. A smart card example is used to illustrate. Future directions for a social paradigm for security and software engineering are discussed.

A Social Ontology for Integrating Security and Software Engineering

2008 ◽  
pp. 2462-2491 ◽  
Author(s):  
E. Yu ◽  
L. Liu ◽  
J. Mylopoulous
Keyword(s):  
Software Engineering ◽  
Social Ontology ◽  
Software Systems ◽  
Engineering Process ◽  
Future Directions ◽  
The Core ◽  
Modelling Framework ◽  
The Social ◽  
The World ◽  
Software Engineering Process

As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in security mecha-nisms and technologies, most software systems in the world remain precarious and vulnerable. There is now widespread recognition that security cannot be achieved by technology alone. All software systems are ultimately embedded in some human social environment. The effectiveness of the system depends very much on the forces in that environment. Yet there are few systematic techniques for treating the social context of security together with technical system design in an integral way. In this chapter, we argue that a social ontology at the core of a requirements engineering process can be the basis for integrating security into a requirements driven software engineering process. We describe the i* agent-oriented modelling framework and show how it can be used to model and reason about security concerns and responses. A smart card example is used to illustrate. Future directions for a social paradigm for security and software engineering are discussed.

A Social Ontology for Integrating Security and Software Engineering

2011 ◽  
pp. 148-177
Author(s):  
E. Yu ◽  
L. Liu ◽  
J. Mylopoulos
Keyword(s):  
Software Engineering ◽  
Social Ontology ◽  
Software Systems ◽  
Engineering Process ◽  
Future Directions ◽  
The Core ◽  
Modelling Framework ◽  
The Social ◽  
The World ◽  
Software Engineering Process

As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in security mechanisms and technologies, most software systems in the world remain precarious and vulnerable. There is now widespread recognition that security cannot be achieved by technology alone. All software systems are ultimately embedded in some human social environment. The effectiveness of the system depends very much on the forces in that environment. Yet there are few systematic techniques for treating the social context of security together with technical system design in an integral way. In this chapter, we argue that a social ontology at the core of a requirements engineering process can be the basis for integrating security into a requirements driven software engineering process. We describe the i* agent-oriented modelling framework and show how it can be used to model and reason about security concerns and responses. A smart card example is used to illustrate. Future directions for a social paradigm for security and software engineering are discussed.

A Social Ontology for Integrating Security and Software Engineering

2009 ◽  
pp. 743-772
Author(s):  
E. Yu ◽  
L. Liu ◽  
J. Mylopoulos
Keyword(s):  
Software Engineering ◽  
Social Ontology ◽  
Software Systems ◽  
Engineering Process ◽  
Future Directions ◽  
The Core ◽  
Modelling Framework ◽  
The Social ◽  
The World ◽  
Software Engineering Process

As software becomes more and more entrenched in everyday life in today’s society, security looms large as an unsolved problem. Despite advances in security mechanisms and technologies, most software systems in the world remain precarious and vulnerable. There is now widespread recognition that security cannot be achieved by technology alone. All software systems are ultimately embedded in some human social environment. The effectiveness of the system depends very much on the forces in that environment. Yet there are few systematic techniques for treating the social context of security together with technical system design in an integral way. In this chapter, we argue that a social ontology at the core of a requirements engineering process can be the basis for integrating security into a requirements driven software engineering process. We describe the i* agent-oriented modelling framework and show how it can be used to model and reason about security concerns and responses. A smart card example is used to illustrate. Future directions for a social paradigm for security and software engineering are discussed.

Practical Experience in Customization for a Software Development Process for Small Companies Based on RUP Process and MSF

2011 ◽  
pp. 71-93 ◽  
Author(s):  
Valerio Fernandes del Maschi ◽  
Luciano S. Souza ◽  
Mauro de Mesquita Spínola ◽  
Wilson Vendramel ◽  
Ivanir Costa ◽  
...  
Keyword(s):  
Software Engineering ◽  
Software Development ◽  
Development Process ◽  
Practical Experience ◽  
Software Development Process ◽  
Small Companies ◽  
Engineering Process ◽  
Software Projects ◽  
Software Engineering Process ◽  
Unified Process

The quality in software projects is related the deliveries that are adjusted to the use, and that they take care of to the objectives. In this way, Brazilian organizations of software development, especially the small and medium ones, need to demonstrate to future customers whom an initial understand of the business problem has enough. This chapter has as objective to demonstrate methodology, strategy, main phases and procedures adopted beyond the gotten ones of a small organization of development of software in the implantation of a Customized Software Engineering Process and of a Tool of Support to the Process in the period of 2004 to 2006 on the basis of rational unified process (RUP) and in the Microsoft solutions framework (MSF).

Software Security Engineering

2008 ◽  
pp. 927-942
Author(s):  
Mohammad Zulkernine ◽  
Sheikh I. Ahamed
Keyword(s):  
Software Engineering ◽  
Software Security ◽  
Rapid Development ◽  
Process Models ◽  
Software Systems ◽  
Engineering Process ◽  
Software Life Cycle ◽  
Security Engineering ◽  
Controlled Systems ◽  
Protection Mechanisms

The rapid development and expansion of network-based applications have changed the computing world in the last decade. However, this overwhelming success has an Achilles’ heel: most software-controlled systems are prone to attacks both by internal and external users of the highly connected computing systems. These software systems must be engineered with reliable protection mechanisms, while still delivering the expected value of the software to their customers within the budgeted time and cost. The principal obstacle in achieving these two different but interdependent objectives is that current software engineering processes do not provide enough support for the software developers to achieve security goals. In this chapter, we reemphasize the principal objectives of both software engineering and security engineering, and strive to identify the major steps of a software security engineering process that will be useful for building secure software systems. Both software engineering and security engineering are ever-evolving disciplines, and software security engineering is still in its infancy. This chapter proposes a unification of the process models of software engineering and security engineering in order to improve the steps of the software life cycle that would better address the underlying objectives of both engineering processes. This unification will facilitate the incorporation of the advancement of the features of one engineering process into the other. The chapter also provides a brief overview and survey of the current state-of-the-art of software engineering and security engineering with respect to computer systems.

Sign in / Sign up

Export Citation Format

Share Document