The open archive for STFC research publications

Full Record Details

Persistent URL http://purl.org/net/epubs/work/40452
Record Status Checked
Record Id 40452
Title Security Requirements Elaborations for Grid Data Management Systems
Abstract In this paper, we present a goal-oriented approach to design policies for managing security requirements of critical information infrastructures (CII). The approach, adapted from a standard and widely accepted re-quirements engineering methodology, is applied to the security analysis of a specific CII: Grid Data Man-agement Systems (GDMS). Based on domain ontologies, combining concepts borrowed both from Virtual Organisation and Secure UML, a comprehensive set of GDMS security requirements is elicited and structured first semi-formally then formally. The benefits of the early formalisation are illustrated in term of complete-ness and consistency. A specific security analysis, using anti-goals, is also performed on the resulting formal security model to address the presence of malicious agents. Derivation of security policy from the set of secu-rity requirements is performed, first based on an abstract operationalization, still in the problem domain, and then it is translated into more concrete policy templates using standard policy constructs. Perspectives of the policy refinement and translation on existing policy languages and frameworks are described for its low-level implementation.
Organisation ESC , ESC-IM , STFC
Keywords Security Policy , Grid Security , Requirements Analysis , Engineering , Disitributed Data Management System
Funding Information
Related Research Object(s):
Licence Information:
Language English (EN)
Type Details URI(s) Local file(s) Year
Journal Article International Journal of System of Systems Engineering (2008). IJSSE07_RequirementsGDMS2006.pdf 2008