Biblio

Export results:
Author [ Title(Asc)] Type Year
Filters: Author is Javier Lopez and Keyword is Requirements Engineering  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
T
F. Moyano, C. Fernandez-Gago, and J. Lopez, "Towards Engineering Trust-aware Future Internet Systems",
3rd International Workshop on Information Systems Security Engineering (WISSE 2013), X. Franch, and P. Soffer Eds., LNBIP 148, Springer-Verlag, pp. 490-501, Jun 2013. DOI More..

Abstract

Security must be a primary concern when engineering Future Internet (FI) systems and applications. In order to achieve secure solutions, we need to capture security requirements early in the Software Development Life Cycle (SDLC). Whereas the security community has traditionally focused on providing tools and mechanisms to capture and express hard security requirements (e.g. confidentiality), little attention has been paid to other important requirements such as trust and reputation. We argue that these soft security requirements can leverage security in open, distributed, heterogeneous systems and applications and that they must be included in an early phase as part of the development process. In this paper we propose a UML extension for specifying trust and reputation requirements, and we apply it to an eHealth case study.

PDF icon moyano13wisse.pdf (505.78 KB)
P
R. Rios, C. Fernandez-Gago, and J. Lopez, "Privacy-Aware Trust Negotiation",
12th International Workshop on Security and Trust Management (STM), vol. LNCS 9871, Springer, pp. 98-105, 09/2016. DOI More..

Abstract

Software engineering and information security have traditionally followed divergent paths but lately some efforts have been made to consider security from the early phases of the Software Development Life Cycle (SDLC). This paper follows this line and concentrates on the incorporation of trust negotiations during the requirements engineering phase. More precisely, we provide an extension to the SI* modelling language, which is further formalised using answer set programming specifications to support the automatic verification of the model and the detection of privacy conflicts caused by trust negotiations.

PDF icon rios2016b.pdf (237.78 KB)
D. Ferraris, C. Fernandez-Gago, and J. Lopez, "POM: A Trust-based AHP-like Methodology to Solve Conflict Requirements for the IoT",
Collaborative Approaches for Cyber Security in Cyber-Physical Systems, no. Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA), Springer, pp. 145-170, 01/2023. DOI More..
PDF icon 2013.pdf (433.59 KB)
M
R. Rios, C. Fernandez-Gago, and J. Lopez, "Modelling Privacy-Aware Trust Negotiations",
Computers & Security, vol. 77 , issue August 2018, Elsevier, pp. 773-789, 2018. DOI (I.F.: 3.062)More..

Abstract

Trust negotiations are mechanisms that enable interaction between previously unknown users. After exchanging various pieces of potentially sensitive information, the participants of a negotiation can decide whether or not to trust one another. Therefore, trust negotiations bring about threats to personal privacy if not carefully considered. This paper presents a framework for representing trust negotiations in the early phases of the Software Development Life Cycle (SDLC). The framework can help software engineers to determine the most suitable policies for the system by detecting conflicts between privacy and trust requirements. More precisely, we extend the SI* modelling language and provide a set of predicates for defining trust and privacy policies and a set of rules for describing the dynamics of the system based on the established policies. The formal representation of the model facilitates its automatic verification. The framework has been validated in a distributed social network scenario for connecting drivers with potential passengers willing to share a journey.

Impact Factor: 3.062
Journal Citation Reports® Science Edition (Thomson Reuters, 2018)

PDF icon Ruben2017trust.pdf (425.82 KB)