Understanding Security Patterns for Socio-technical Systems via Responsibility Modelling

Author

Blyth, Andrew

Author_Institution

Inf. Security Res. Group (ISRG), Univ. of South Wales, Pontypridd, UK

fYear

2014

fDate

7-11 April 2014

Firstpage

417

Lastpage

421

Abstract

Increasingly, security requirements are being viewed as a social construct derived from the culture and society within which the requirement is said to exist. A socio-technical system can be modelled as a series of inter-related, and interacting patterns of behaviour. Within a socio-technical system a security requirements can be derived from the analysis and interaction of the pattern. To capture and understand these requirements/patterns we need to make use of a formal reasoning system that supports a rigorous deductive process. In this paper we will develop a formal model of a socio -- technical systems pattern using a Kripke Semantic model. Then, via the application of Kripke Semantics to the modelling of responsibilities and how they are created/fulfilled within a socio -- context, we will derive a set of security requirements/patterns.

Keywords

human computer interaction; programming language semantics; security of data; social aspects of automation; Kripke semantic model; deductive process; formal reasoning system; responsibility modelling; security patterns; security requirements; socio-technical system; Analytical models; Computational modeling; Context; Security; Semantics; Sociotechnical systems; Accountability; Liability and Culpabilit; Modal Action Logic (MAL); Responsibility Modelling; SocioTechnical System (STS);

fLanguage

English

Publisher

ieee

Conference_Titel

Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium on

Conference_Location

Oxford

Type

conf

DOI

10.1109/SOSE.2014.59

Filename

6830941