Modelling Security Requirements Through Ownership, Permission and Delegation

Paolo Giorgini

Department of Information and Communication Technology, University of Trento, Italy

Date and time: 11.30am-12.30pm, Friday 11th March, 2005

Venue: 10.08.04

Abstract:

Security Requirements Engineering is emerging as a branch of Software Engineering, spurred by the acknowledgment that security must be considered from the early requirements phase. The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at an organizational level (as opposed to a design level) is still an open problem.

In this seminar I will present a formal framework for modeling and analyzing security requirements using three main concepts: ownership, permission and delegation. The framework extends the Tropos methodology, an agent-oriented software engineering methodology. I will briefly present also the implemented tool that supports the whole approach.

About the speaker:

Paolo Giorgini is researcher in Computer Science at University of Trento. His research interests include agent-oriented software engineering, multi-agent system modeling and design, knowledge representation and conceptual modeling. He has worked on the development of requirements and design languages for agent-based systems, and the application of knowledge representation techniques to software repositories and software development. He is currently working

in a number of research projects at University of Trento and ITC-irst.

Giorgini received his Ph.D. degree from Computer Science Institute of University of Ancona (Italy) in 1998. Between March and October 1998 he worked at University of Macerata and University of Ancona as research assistant, where he continued to carry out research in agent-based software engineering. In November 1998 he joined the Mechanized Reasoning Group (MRG) at University of Trento as pos-doc researcher. In December 1998 he started a collaboration with the Computer Science Department at University of Toronto (Canada) where he spent several months doing research in agent-based software development methodologies. His publication list includes more than 100 refereed journal and conference proceedings papers and five edited books. He has contributed to the organization of international conferences as chair and program committee member, such as CoopIS, ER, CAiSE, AAMAS, EUMAS, AOSE, AOIS, and ISWC.

Seminar Organisation

Seminars are free and open to the general public. No booking is necessary. If you are interested in giving a presentation in this seminar series, or to make suggestions for speakers, please contact Xiaodong Li, the seminar co-ordinator.