Title :
Understanding Security Patterns for Socio-technical Systems via Responsibility Modelling
Author_Institution :
Inf. Security Res. Group (ISRG), Univ. of South Wales, Pontypridd, UK
Abstract :
Increasingly, security requirements are being viewed as a social construct derived from the culture and society within which the requirement is said to exist. A socio-technical system can be modelled as a series of inter-related, and interacting patterns of behaviour. Within a socio-technical system a security requirements can be derived from the analysis and interaction of the pattern. To capture and understand these requirements/patterns we need to make use of a formal reasoning system that supports a rigorous deductive process. In this paper we will develop a formal model of a socio -- technical systems pattern using a Kripke Semantic model. Then, via the application of Kripke Semantics to the modelling of responsibilities and how they are created/fulfilled within a socio -- context, we will derive a set of security requirements/patterns.
Keywords :
human computer interaction; programming language semantics; security of data; social aspects of automation; Kripke semantic model; deductive process; formal reasoning system; responsibility modelling; security patterns; security requirements; socio-technical system; Analytical models; Computational modeling; Context; Security; Semantics; Sociotechnical systems; Accountability; Liability and Culpabilit; Modal Action Logic (MAL); Responsibility Modelling; SocioTechnical System (STS);
Conference_Titel :
Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium on
Conference_Location :
Oxford
DOI :
10.1109/SOSE.2014.59
