Today’s software systems are situated within larger socio-technical systems, wherein they interact — by exchanging data and delegating tasks — with other technical components, humans, and organisations. The components (actors) of a socio-technical system are autonomous and loosely controllable. Therefore, when interacting, they may endanger security by, for example, disclosing confidential information, breaking the integrity of others’ data, and relying on untrusted third parties, among others. The design of a secure software system cannot disregard its collocation within a socio-technical context, where security is threatened not only by technical attacks, but also by social and organisational threats. This thesis proposes a tool-supported...
The last years have seen a number of proposals to incorporate Security Engineering into mainstream S...
Abstract. Security has been a growing concern for most large organiza-tions, especially financial an...
Personal data have become a central asset for multiple enterprise applications and online services o...
Modern software systems operate within the context of larger socio-technical sys-tems, wherein they ...
with the elicitation and analysis of security needs to spec-ify security requirements for the system...
Abstract. Requirements are inherently prone to conflicts, for they originate from stakeholders with ...
Abstract. We present the latest version of STS-Tool, the modelling and analysis support tool for STS...
Abstract. STS-Tool is the modelling and analysis support tool for STS-ml, our proposed actor- and go...
Abstract. A Socio-Technical System (STS) is an interplay of humans, organizations and technical syst...
Requirements are conflicting when there exist no system that satisfies them all. Conflicts often ori...
Security has been a growing concern for large organizations, especially financial and gov- ernmental...
Security Requirements Engineering is an emerging field which lies at the crossroads of Security and ...
Abstract. Socio-Technical Systems (STSs) are complex systems composed of both social (i.e., humans a...
Abstract. Composite services foster reuse and efficiency in providing consumers with different funct...
Refining a sociotechnical system (STS) specification with respect to its requirements is a nontrivia...
The last years have seen a number of proposals to incorporate Security Engineering into mainstream S...
Abstract. Security has been a growing concern for most large organiza-tions, especially financial an...
Personal data have become a central asset for multiple enterprise applications and online services o...
Modern software systems operate within the context of larger socio-technical sys-tems, wherein they ...
with the elicitation and analysis of security needs to spec-ify security requirements for the system...
Abstract. Requirements are inherently prone to conflicts, for they originate from stakeholders with ...
Abstract. We present the latest version of STS-Tool, the modelling and analysis support tool for STS...
Abstract. STS-Tool is the modelling and analysis support tool for STS-ml, our proposed actor- and go...
Abstract. A Socio-Technical System (STS) is an interplay of humans, organizations and technical syst...
Requirements are conflicting when there exist no system that satisfies them all. Conflicts often ori...
Security has been a growing concern for large organizations, especially financial and gov- ernmental...
Security Requirements Engineering is an emerging field which lies at the crossroads of Security and ...
Abstract. Socio-Technical Systems (STSs) are complex systems composed of both social (i.e., humans a...
Abstract. Composite services foster reuse and efficiency in providing consumers with different funct...
Refining a sociotechnical system (STS) specification with respect to its requirements is a nontrivia...
The last years have seen a number of proposals to incorporate Security Engineering into mainstream S...
Abstract. Security has been a growing concern for most large organiza-tions, especially financial an...
Personal data have become a central asset for multiple enterprise applications and online services o...