A Framework for Systematic Refinement of Trustworthiness Requirements

Abstract: Abstract:The trustworthiness of systems that support complex collaborative business processes is an emergent property. In order to address users' trust concerns, trustworthiness requirements of software systems must be elicited and satisfied. The aim of this paper is to address the gap that exists between end-users' trust concerns and the lack of implementation of proper trustworthiness requirements. New technologies like cloud computing bring new capabilities for hosting and offering complex collaborative bus… Show more

“…In Reference [52], they have introduced the role-based authentication mechanism, where individuals are certified to use the system through identification and monitoring. In Reference [33], social trust based on security mechanisms have also been introduced, which are used to define trustworthy objects and delegate tasks to other people based on trust [27]. Security is insufficient without the representation of security objectives and their adherence to security requirements [52][53][54][55][56].…”

“…In Reference [53], authors have shown the Confidentiality, Integrity, Availability (CIA) triad as security goals, but they are applied only to pools and use of the security task is also not defined. In Reference [33], authors have presented a broad definition of trustworthiness that includes performance, reliability, usability, and security. They have defined trustworthy goals, threats to trustworthiness, and controls to maintain the trust.…”

“…Threats are known to be dynamic and a similar threat can be applied at different layers of an IS for different purposes [29][30][31]. Most studies [32][33][34][35][36] have shown that security threats are the main part of every security framework and security standard.…”

Security Requirements Engineering Framework with BPMN 2.0.2 Extension Model for Development of Information Systems

“…In Reference [52], they have introduced the role-based authentication mechanism, where individuals are certified to use the system through identification and monitoring. In Reference [33], social trust based on security mechanisms have also been introduced, which are used to define trustworthy objects and delegate tasks to other people based on trust [27]. Security is insufficient without the representation of security objectives and their adherence to security requirements [52][53][54][55][56].…”

“…In Reference [53], authors have shown the Confidentiality, Integrity, Availability (CIA) triad as security goals, but they are applied only to pools and use of the security task is also not defined. In Reference [33], authors have presented a broad definition of trustworthiness that includes performance, reliability, usability, and security. They have defined trustworthy goals, threats to trustworthiness, and controls to maintain the trust.…”

“…Threats are known to be dynamic and a similar threat can be applied at different layers of an IS for different purposes [29][30][31]. Most studies [32][33][34][35][36] have shown that security threats are the main part of every security framework and security standard.…”

Security Requirements Engineering Framework with BPMN 2.0.2 Extension Model for Development of Information Systems

An Approach to Business Process Model Structuredness Analysis: Errors Detection and Cost-Saving Estimation

An Information Technology for Detection and Fixing Effort Estimation of Business Process Model Structuredness Errors