A Goal-oriented Approach to Grid Security Requirements Benjamin Aziz (STFC Rutherford Appleton Laboratory, UK) Joint work with Alvaro Arenas (STFC RAL,

1 A Goal-oriented Approach to Grid Security Requirements
Benjamin Aziz (STFC Rutherford Appleton Laboratory, UK)
Joint work with Alvaro Arenas (STFC RAL, UK), Philippe Massonet (CETIC, Belgium) and Christophe Ponsard (CETIC, Belgium)
UK e-Science All Hands Meeting (AHM 2008)
W4: Information Assurance for the Grid: Crossing boundaries between stakeholders
10 September 2008, Edinburgh, U.K.

2 Motivation
“We need more trust and security reasoning earlier in system development; at the requirement specification stage.”
[Figure labels: Analysis, Requirements Specification, Implementation, Integration and Testing, Operation and Maintenance, Design, Software Development, Current trust and security, Future trust and security]

3 Objectives
Extend a requirement engineering methodology with constructs for expressing trust relations and security policies
Apply the extension to a Grid-based scenario
Enhance an existing requirement engineering tool to support the new trust and security extensions

4 KAOS in a Nutshell
KAOS (Knowledge Acquisition in autOmated Specifications) is a formal requirement engineering methodology consisting of several models including:
– The Goal Model
– The Operation Model
– The Object Model
– The Agent Model
– The Anti-Goal Model
[Diagram labels: Goals, Requirements, Operations, Objects, Agents, Anti-Goals, Anti-Requirements]

5 Our Scenario: Grid-based Content Management (GCM) System
Complex digital product VO
VO has defined number of member organisations
Product generation process is knowledge/content-intensive
Product generation process is structured as a workflow
Policies may be applied to control usage/access to resources along the workflow

6 The Goal/Operation Models for GCM System

7 The Agent/Operation/Object Models for GCM System

8 Trust and Security Requirements
The previous models can express neither trust relations nor security policy requirements
The Trust model introduces the following relations:
– Ownership, Capability and Trust
– Delegation
– Distrust and Monitoring
The Policy model introduces the policy relation

9 Ownership, Capability and Trust
In our GCM system scenario:
Trust
– Trustor: Editor
– Goal: [ContentReviewed]
– Trustee: Reviewer
– Description: Agent Editor trusts Reviewer to enforce goal [ContentReviewed]
[Diagram notation: Owner(ag,G/Op), Capable(ag,G/Op), Trust(ag1,ag2,G/Op)]

10 Delegation
In our GCM system scenario:
Delegation
– Delegator: Reviewer
– Operation: Review
– Delegatee: AnotherReviewer
– PreCondition: Owner(Reviewer,Review)
– Description: Agent Reviewer, owner of permission to execute operation Review, delegates such permission to agent AnotherReviewer
[Diagram notation: Delegation(ag1,ag2,G/Op), Owner(ag1,G/Op)]

11 Monitoring and Distrust
In our GCM system scenario:
Distrust
– Dis-trustor: Reviewer
– Operation: Review
– Dis-trustee: AnotherReviewer
– PreCondition: Monitor(Reviewer,Review)
– Description: Agent Reviewer, monitoring operation Review, distrusts AnotherReviewer in its use of Review
[Diagram notation: Distrust(ag1,ag2,G/Op), Monitor(ag1,G/Op), Monitor(ag,G/Op)]

12 Policies
In our GCM system scenario:
Policy
– Subject: Reviewer
– Operation: Review
– Object: Content
– Formula: (Reviewer,Review,Content)  ACL(Content)
– Description: Agent Reviewer, in applying operation Review to object Document, is constrained by the logical formula
[Diagram notation: Policy(ag,Op,Ob,F)]
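
The relations on slides 9 to 12 can be exercised together as a small model that enforces the stated preconditions. This Python sketch is an added example, not part of the presentation or of the KAOS tool. Assumptions: all class and function names are hypothetical, the policy formula is read as ACL membership, and recorded distrust is taken to block a delegatee.

```python
from dataclasses import dataclass, field

@dataclass
class TrustModel:
    """Constructed sketch of the slides' relations; not the KAOS tool's API."""
    owner: set = field(default_factory=set)       # Owner(ag, G/Op) as (ag, target)
    monitor: set = field(default_factory=set)     # Monitor(ag, G/Op) as (ag, target)
    delegation: set = field(default_factory=set)  # (ag1, ag2, target)
    distrust: set = field(default_factory=set)    # (ag1, ag2, target)

    def delegate(self, ag1, ag2, target):
        # Precondition from the Delegation slide: Owner(ag1, G/Op).
        if (ag1, target) not in self.owner:
            raise PermissionError(f"{ag1} is not owner of {target}")
        self.delegation.add((ag1, ag2, target))

    def record_distrust(self, ag1, ag2, target):
        # Precondition from the Distrust slide: Monitor(ag1, G/Op).
        if (ag1, target) not in self.monitor:
            raise PermissionError(f"{ag1} does not monitor {target}")
        self.distrust.add((ag1, ag2, target))

    def may_execute(self, ag, target):
        # Assumed resolution rule: owners may execute; a delegatee may
        # execute unless some monitor has recorded distrust in it.
        if (ag, target) in self.owner:
            return True
        delegated = any((d, t) == (ag, target) for _, d, t in self.delegation)
        distrusted = any((d, t) == (ag, target) for _, d, t in self.distrust)
        return delegated and not distrusted

def policy_holds(ag, op, ob, acl):
    # Policy(ag, Op, Ob, F), with F assumed to mean (ag, Op, Ob) is in ACL(Ob).
    return (ag, op, ob) in acl.get(ob, set())

def authorize(model, acl, ag, op, ob):
    # Both the trust model and the policy formula must permit the request.
    return model.may_execute(ag, op) and policy_holds(ag, op, ob, acl)

def gcm_scenario():
    # Constructed data following the GCM slides (agents, operation, object).
    model = TrustModel(owner={("Reviewer", "Review")},
                       monitor={("Reviewer", "Review")})
    acl = {"Content": {("Reviewer", "Review", "Content"),
                       ("AnotherReviewer", "Review", "Content")}}
    model.delegate("Reviewer", "AnotherReviewer", "Review")
    before = authorize(model, acl, "AnotherReviewer", "Review", "Content")
    model.record_distrust("Reviewer", "AnotherReviewer", "Review")
    after = authorize(model, acl, "AnotherReviewer", "Review", "Content")
    return before, after
```

`gcm_scenario()` returns the delegatee's authorization before and after the monitoring agent records distrust.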

13 Tool Support for Grid Security Requirements
We are currently developing an Eclipse-based design tool for:
– modelling trust requirements
– deriving semi-automatically deployable policies from the Policy model:
  – Rule-based XACML policies (ABAC)
  – Process algebra-based policies (UCON)

14 Conclusion
Many systems lack rigorous analysis of trust and security properties at the requirement specification stage
We proposed one extension of the KAOS requirement engineering methodology to incorporate trust relations and security policies
We applied the extension in the context of a Grid-based content management system

15 Future Work
Investigate other trust and security relations, in particular, quantified trust
We are planning to finish the tool development and produce a library of requirement patterns
– E.g. The Chinese-walls security pattern
Integrate the requirements into system design
– Integrating KAOS with Event-B specification language

16 Thank You Questions?

