Filling the gap between requirements engineering and public key/trust management infrastructures

P. Giorgini, F. Massacci, J. Mylopoulos, N. Zannone

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

14 Citations (Scopus)
6 Downloads (Pure)

Abstract

The last years have seen a major interest in designing and deploying trust management and public key infrastructures. Yet, it is still far from clear how one can pass from the organization and system requirements to the actual credentials and attribution of permissions in the PKI infrastructure. Our goal in this paper is filling this gap. We propose a formal framework for modeling and analyzing security and trust requirements, that extends the Tropos methodology for early requirements modeling. The key intuition that underlies our work is the identification of distinct roles for actors that manipulate resources, accomplish goals or execute tasks, and actors that own or permit usage of resources or goals. The paper also presents a simple case study and a PKI/trust management implementation.
Original languageEnglish
Title of host publicationPublic Key Infrastructure (First European PKIWorkshop: Research and Applications, EuroPKI 2004, Samos Island, Greece, June 25-26, 2004, Proceedings)
EditorsS.K. Katsikas, S. Gritzalis, J. Lopez
Place of PublicationBerlin
PublisherSpringer
Pages98-111
ISBN (Print)3-540-22216-2
DOIs
Publication statusPublished - 2004

Publication series

NameLecture Notes in Computer Science
Volume3093
ISSN (Print)0302-9743

Fingerprint

Dive into the research topics of 'Filling the gap between requirements engineering and public key/trust management infrastructures'. Together they form a unique fingerprint.

Cite this