Research Article

Quality Assurance of Security Requirement Engineering in Socio-Technical Systems

by Rida Zainab, Sundas Ashfaq, Mehreen Sirshar
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 111 - Number 9
Year of Publication: 2015
DOI: 10.5120/19567-1335

Rida Zainab, Sundas Ashfaq, Mehreen Sirshar. Quality Assurance of Security Requirement Engineering in Socio-Technical Systems. International Journal of Computer Applications. 111, 9 (February 2015), 35-42. DOI=10.5120/19567-1335

@article{ 10.5120/19567-1335,
author = { Rida Zainab and Sundas Ashfaq and Mehreen Sirshar },
title = { Quality Assurance of Security Requirement Engineering in Socio-Technical Systems },
journal = { International Journal of Computer Applications },
issue_date = { February 2015 },
volume = { 111 },
number = { 9 },
month = { February },
year = { 2015 },
issn = { 0975-8887 },
pages = { 35-42 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume111/number9/19567-1335/ },
doi = { 10.5120/19567-1335 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Quality assurance is a continuous process for checking whether a system or service fulfils its specified requirements; it checks for defects before they reach the final product. This research presents a comprehensive survey of the literature on ensuring quality standards. It employs different quality assurance techniques that help improve the quality of socio-technical systems from the perspective of security requirement engineering. The analysis of the literature reveals that applying the techniques presented in the literature review improves the performance of socio-technical systems. Tropos, SeeCo (Security via commitments), the formative user-centered evaluation technique, the three-layer framework, and the Si* (Secure i*) ontology are the techniques discussed throughout the research that ensure quality standards. Quality evaluation tools such as STS-tool and STS-ml are also used in the research for quality assurance. This research also assesses the improvements in security requirement engineering in socio-technical systems after applying quality evaluation techniques.

Index Terms

Computer Science
Information Sciences

Keywords

Quality Assurance, Socio technical systems, Tropos, SeeCo (Security via commitments), Si*(Secure i*) ontology, Security Requirement Engineering