A framework for privacy-enhanced access control analysis in requirements engineering

Access control is a major security mechanism for achieving confidentiality and integrity in software systems. Specifying access control policies is a tedious and error-prone process and needs requirements-level analysis support. Given that there is no systematic method in requirements engineering (RE) for access control analysis, we present a comprehensive set of criteria to support this kind of analysis. We survey several existing RE approaches and compare their ability to support access control analysis. We present an analytical framework that guides the analysis of data, goal/scenario-based tasks, organizational structures, and information flows. Our framework has at least two advantages. First, unlike other RE methodologies, it provides systematic support for access control analysis. Second, it supports analysis of privacy-enhanced features in access control. We employ a healthcare example to illustrate how to apply the framework.
