Enhancing Secure Tropos to Effectively Deal with Security Requirements in the Development of Multiagent Systems

The consideration of security requirements in the development of multi-agent systems is a very difficult task. However, only few approaches have been proposed that try to integrate security issues as internal part of the development process. Amongst them, secure Tropos has been proposed as a structured approach towards the consideration of security issues in the development of multiagent systems. In this paper we enhance secure Tropos by integrating to its stages: (i) a process for selecting amongst alternative architectural styles using as criteria the security requirements of the system; (ii) a pattern-based approach to transform security requirements to design, and (iii) a security attack scenarios approach to test the developed solution. The electronic single assessment process (eSAP) case study is used to illustrate our approach.

[1]  Stefano Spaccapietra,et al.  Conceptual Modeling — ER 2002 , 2002, Lecture Notes in Computer Science.

[2]  Magnus Boman,et al.  Multi-Agent System Engineering , 1999, Lecture Notes in Computer Science.

[3]  John Mylopoulos,et al.  Towards requirements-driven information systems engineering: the Tropos project , 2002, Inf. Syst..

[4]  M. Huget Nemo : an Agent-Oriented Software Engineering Methodology , 2022 .

[5]  Haralambos Mouratidis,et al.  A Novel Agent-Based System to Support the Single Assessment Process of Older People , 2003, Health Informatics J..

[6]  Milind Tambe,et al.  Intelligent Agents VIII , 2002, Lecture Notes in Computer Science.

[7]  Nicholas R. Jennings Agent-Oriented Software Engineering , 1999, MAAMAW.

[8]  Fausto Giunchiglia,et al.  Tropos: An Agent-Oriented Software Development Methodology , 2004, Autonomous Agents and Multi-Agent Systems.

[9]  James O. Coplien,et al.  Pattern languages of program design , 1995 .

[10]  Haralambos Mouratidis,et al.  Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems , 2003, CAiSE.

[11]  Sami Lehtonen,et al.  Pattern Language for Cryptographic Key Management , 2002, EuroPLoP.

[12]  Haralambos Mouratidis,et al.  Modelling secure multiagent systems , 2003, AAMAS '03.

[13]  John Mylopoulos,et al.  Analyzing security requirements as relationships among strategic actors , 2002 .

[14]  Haralambos Mouratidis,et al.  A security oriented approach in the development of multiagent systems : applied to the management of the health and social care needs of older people in England , 2004 .

[15]  John Mylopoulos,et al.  Reasoning with Goal Models , 2002, ER.

[16]  Haralambos Mouratidis,et al.  A Set of Patterns for Secure Agent Systems , 2003, EuroPLoP.

[17]  Markus Schumacher,et al.  Security Engineering with Patterns , 2003, Lecture Notes in Computer Science.

[18]  Luiz Marcio Cysneiros,et al.  Designing for privacy and other competing requirements , 2002 .

[19]  Haralambos Mouratidis,et al.  A Natural Extension of Tropos Methodology for Modelling Security , 2002 .

[20]  Georg Kösters,et al.  Coupling Use Cases and Class Models , 1997 .

[21]  Premkumar T. Devanbu,et al.  Software engineering for security: a roadmap , 2000, ICSE '00.

[22]  Haralambos Mouratidis,et al.  Security Patterns for Agent Systems , 2003 .

[23]  John Mylopoulos,et al.  A Goal-Based Organizational Perspective on Multi-agent Architectures , 2001, ATAL.

[24]  Joseph W. Yoder,et al.  Architectural Patterns for Enabling Application Security , 1998 .

[25]  Dirk Riehle,et al.  Pattern Languages of Program Design 3 , 1997 .