Article

Security patterns meet agent oriented software engineering: a complementary solution for developing secure information systems

Authors:

Haralambos Mouratidis,

Paolo GiorginiAuthors Info & Claims

ER'05: Proceedings of the 24th international conference on Conceptual Modeling

Pages 225 - 240

https://doi.org/10.1007/11568322_15

Published: 24 October 2005 Publication History

Abstract

Agent Oriented Software Engineering and security patterns have been proposed as suitable paradigms for the development of secure information systems. However, so far, the proposed solutions are focused on one of these paradigms. In this paper we propose an agent oriented security pattern language and we discuss how it can be used together with the Tropos methodology to develop secure information systems. We also present a formalisation of our pattern language using Formal Tropos. This allows us to gain a deeper understanding of the patterns and their relationships, and thus to assess the completeness of the language.

References

[1]

C. Alexander, S. Ishikawa, and M. Silverstein. A Pattern Language: Towns, Buildings, Constructions, Oxford University Press, 1977.

[2]

E. Amoroso. Fundamentals of Computer Security Technology, Prentice-Hall, 1994.

Digital Library

[3]

P. Bresciani, P. Giorgini, F. Giunchiglia, J. Mylopoulos and A Perini. TROPOS: An Agent Oriented Software Development Methodology. Journal of Autonomous Agents and Multi-Agent Systems, Kluwer, 8(3), 203-236, 2004.

Digital Library

[4]

J. Jürjens, UMLsec: Extending UML for Secure Systems Development, UML 2002, LNCS 2460, 412-425, Springer, 2002.

Digital Library

[5]

A. Dardenne, A. van Lamsweerde and S. Fickas. Goal-directed Requirements Acquisition, Science of Computer Programming, Special issue on the 6th International Workshop of Software Specification and Design, 1991.

Digital Library

[6]

E. Fernandez and R. Pan. A Pattern Language for Security Models, Conference on Patterns Languages of Programs (PLoP), 2001.

[7]

A. Fuxman, Formal Analysis of Early Requirements Specifications, MSc thesis, University of Toronto, Canada, 2001.

[8]

L. Liu, E. Yu and J. Mylopoulos. Analyzing Security Requirements as Relationships Among Strategic Actors, Symposium on Requirements Engineering for Information Security (SREIS), 2002.

Digital Library

[9]

H. Mouratidis, P. Giorgini and M. Weiss. Integrating Patterns and Agent-Oriented Methodologies to Provide Better Solutions for the Development of Secure Agent Systems, Hot Topic on the Expressiveness of Pattern Languages, ChiliPloP, 2003.

[10]

H. Mouratidis, P. Giorgini and G. Manson. When Security meets Software Engineering: A Case of Modelling Secure Information Systems. Information Systems (in press).

Digital Library

[11]

J. Noble. Classifying Relationships between Object-Oriented Design Patterns, Australian Software Engineering Conference (ASWEC), 1998.

Digital Library

[12]

J. Saltzer and M. Schroeder. The Protection of Information in Computer Systems. Proceedings of the IEEE, 63(9), 1278-1308, September 1975.

[13]

M. Schumacher. Security Engineering with Patterns. LNCS 2754, Springer, 2003.

Digital Library

[14]

T. Tryfonas, E. Kiountouzis and A. Poulymenakou. Embedding Security Practices in Contemporary Information Systems Development Approaches, Information Management & Computer Security, 9(4), 183-197, 2001.

[15]

M. Weiss. Pattern Driven Design of Agent Systems: Approach and Case Study. Conference on Advanced Information Systems Engineering (CAiSE), LNCS 2681, Springer, 2003.

Digital Library

[16]

J. Yoder, J. Barcalow, Architectural Patterns for Enabling Application Security, Conference on Pattern Languages of Programs (PLoP), 1997.

Cited By

da Silva Quirino GBarcellos Mde Almeida Falbo RKulesza UPrikladnicki RGerosa MWerner CAndrade R(2018)Visual notations for software pattern languagesProceedings of the XXXII Brazilian Symposium on Software Engineering10.1145/3266237.3266266(72-81)Online publication date: 17-Sep-2018
https://dl.acm.org/doi/10.1145/3266237.3266266
Compagna LEl Khoury PKrausová AMassacci FZannone N(2009)How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patternsArtificial Intelligence and Law10.1007/s10506-008-9067-317:1(1-30)Online publication date: 1-Mar-2009
https://dl.acm.org/doi/10.1007/s10506-008-9067-3
Compagna LKhoury PMassacci FThomas RZannone NGardner AWinkels R(2007)How to capture, model, and verify the knowledge of legal, security, and privacy expertsProceedings of the 11th international conference on Artificial intelligence and law10.1145/1276318.1276346(149-153)Online publication date: 4-Jun-2007
https://dl.acm.org/doi/10.1145/1276318.1276346
Show More Cited By

Security patterns meet agent oriented software engineering: a complementary solution for developing secure information systems
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Software Security Engineering: Design and Applications
Patterns in agent-oriented software engineering
AOSE'02: Proceedings of the 3rd international conference on Agent-oriented software engineering III

In this paper, I will show how the now popular concept of software patterns can be used in agent-oriented software engineering. To this end, I will present a possible structure of a pattern catalog for agent-oriented patterns and introduce a pattern ...
Software-security patterns: degree of maturity
EuroPLoP '15: Proceedings of the 20th European Conference on Pattern Languages of Programs

Since Gamma et al. published their design patterns, patterns are very popular in the area of software engineering. They provide best practice to handle recurring problems during the software development phase. Three years later, security patterns ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

ER'05: Proceedings of the 24th international conference on Conceptual Modeling

October 2005

498 pages

ISBN:3540293892

Editors:
Lois Delcambre
Portland State University, Portland, OR
,
Christian Kop
Institute for Applied Informatics, Alpen-Adria-Universität Klagenfurt, Portland, OR, Austria
,
Heinrich C. Mayr
Institute for Applied Informatics, Alpen-Adria-Universität Klagenfurt, Portland, OR, Austria
,
John Mylopoulos
Institute for Applied Informatics, Dept. of Information Engineering and Computer Science, Portland, OR
,
Oscar Pastor
Department of Information Systems and Computation, Technical University of Valencia, Camino de Vera s/n, Valencia, OR, Spain

Sponsors

The Governor of Carinthia: The Governor of Carinthia
ER Institute: ER Institute
The City Mayor of Klagenfurt: The City Mayor of Klagenfurt

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 24 October 2005

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

da Silva Quirino GBarcellos Mde Almeida Falbo RKulesza UPrikladnicki RGerosa MWerner CAndrade R(2018)Visual notations for software pattern languagesProceedings of the XXXII Brazilian Symposium on Software Engineering10.1145/3266237.3266266(72-81)Online publication date: 17-Sep-2018
https://dl.acm.org/doi/10.1145/3266237.3266266
Compagna LEl Khoury PKrausová AMassacci FZannone N(2009)How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patternsArtificial Intelligence and Law10.1007/s10506-008-9067-317:1(1-30)Online publication date: 1-Mar-2009
https://dl.acm.org/doi/10.1007/s10506-008-9067-3
Compagna LKhoury PMassacci FThomas RZannone NGardner AWinkels R(2007)How to capture, model, and verify the knowledge of legal, security, and privacy expertsProceedings of the 11th international conference on Artificial intelligence and law10.1145/1276318.1276346(149-153)Online publication date: 4-Jun-2007
https://dl.acm.org/doi/10.1145/1276318.1276346
Mouratidis HWeiss M(2006)Patterns for modelling agent systems with troposSoftware Engineering for Multi-Agent Systems IV10.5555/2168358.2168374(207-223)Online publication date: 1-Jan-2006
https://dl.acm.org/doi/10.5555/2168358.2168374

View Options

View options

Figures

Tables

Media

View Table of Conten