Skip to main content Skip to search Skip to search

Computers General

Security Requirements Engineering

Designing Secure Socio-Technical Systems

by (author) Fabiano Dalpiaz, Elda Paja & Paolo Giorgini

Publisher
MIT Press
Initial publish date
Jan 2016
Category
General, General
  • Hardback

    ISBN
    9780262034210
    Publish Date
    Jan 2016
    List Price
    $73.00

Add it to your shelf

Where to buy it

Description

A novel, model-driven approach to security requirements engineering that focuses on socio-technical systems rather than merely technical systems.

Security requirements engineering is especially challenging because designers must consider not just the software under design but also interactions among people, organizations, hardware, and software. Taking this broader perspective means designing a secure socio-technical system rather than a merely technical system. This book presents a novel, model-driven approach to designing secure socio-technical systems. It introduces the Socio-Technical Modeling Language (STS-ML) and presents a freely available software tool, STS-Tool, that supports this design approach through graphical modeling, automated reasoning capabilities to verify the models constructed, and the automatic derivation of security requirements documents.

After an introduction to security requirements engineering and an overview of computer and information security, the book presents the STS-ML modeling language, introducing the modeling concepts used, explaining how to use STS-ML within the STS method for security requirements, and providing guidelines for the creation of models. The book then puts the STS approach into practice, introducing the STS-Tool and presenting two case studies from industry: an online collaborative platform and an e-Government system. Finally, the book considers other methods that can be used in conjunction with the STS method or that constitute an alternative to it. The book is suitable for course use or as a reference for practitioners. Exercises, review questions, and problems appear at the end of each chapter.

About the authors

Fabiano Dalpiaz is Assistant Professor in the Department of Information and Computing Sciences at Utrecht University, the Netherlands.

Fabiano Dalpiaz's profile page

Elda Paja is a Postdoctoral Research Fellow in the Department of Engineering and Computer Science at the University of Trento, Italy.

Elda Paja's profile page

Paolo Giorgini is Associate Professor in the Department of Engineering and Computer Science at the University of Trento.

Paolo Giorgini's profile page