Formative User-Centered Evaluation of Security Modeling

Trösterer, Sandra; Beck, Elke; Dalpiaz, Fabiano; Paja, Elda; Giorgini, Paolo; Tscheligi, Manfred

doi:10.4018/jsse.2012010101

Cited by 13 publications

(19 citation statements)

References 21 publications

(29 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Users are all stakeholders who interacted with the modelling language and tool: two programmers, two software analysts, around 20 stakeholders from nurseries' staff/owners/managers. Following [5] users' experience was gathered by the use of forms and by observing their interaction during the use of the model. Forms.…”

Section: Modelling Language Evaluationmentioning

confidence: 99%

“…Following [5] we evaluated our modeling language for reputation system development focusing on the following points: modelling language a usability, detection of missing concepts, usability of graphical representation, concepts' semantics clarity. The usability criteria used in or evaluation are: effectiveness which measures how users are able to achieve their specified goals through design, efficiency which focuses on the effort made by users to learn and use the modelling language, finally satisfaction checks the overall impression collection feedbacks by users.…”

Section: Modelling Language Evaluationmentioning

confidence: 99%

“…The aim of the analysis presented in this paper is to gather feedback on the proposed model from the endusers (requirements engineers and domain experts) through the use of a practical case. The motivation for this analysis is the following: we are currently developing a visual editor to use the proposed modelling language (by extending VDML and ServiceML meta-models on Eclipse Modelling Framework [11]); following [5] we used a formative evaluation to identify problems in the design tool during its development process. We then followed a user-centred design approach focusing on the adequacy of the modelling features for expressing reputation systems concepts as well as the usability of the modelling language through the application on a practical case.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Schooladvise: Designing a Reputation System for Educational Services through Service Design and Business Modeling

Capecchi

Giraudo

Negro³

et al. 2015

2015 IEEE 12th International Conference on E-Business Engineering

View full text Add to dashboard Cite

Abstract-In this paper we analyse the use of an extension of tools for service design and business conceptual modelling toward reputation system design for the realisation of Schooladvise a platform for educational services reputation management. The work described in the present paper originates from the intuition that business process modelling, service design and reputation system modelling share many needs, aims and problems: to represent a variety of entities involved in the related domains, to improve services/business in order to meet the users need; moreover they all involve stakeholders with very different background and skills, a problem known as socio-technical mismatch. The objective and the contribution of the analysis presented in this paper is to gather feedback on the proposed modelling language from the end-users (requirements engineers and domain experts) while applying it to a complex case study.

show abstract

Section: Modelling Language Evaluationmentioning

confidence: 99%

Section: Modelling Language Evaluationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Schooladvise: Designing a Reputation System for Educational Services through Service Design and Business Modeling

Capecchi

Giraudo

Negro³

et al. 2015

2015 IEEE 12th International Conference on E-Business Engineering

View full text Add to dashboard Cite

show abstract

“…This version of the tool is the result of an iterative development process, having been tested on multiple case studies and evaluated with practitioners [4] in the scope of the ;'#6$<(/5: 9')073 …”

Section: Sts-toolmentioning

confidence: 99%

Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool

Paja

Dalpiaz

Poggianella

et al. 2013

Conceptual Modeling

Self Cite

View full text Add to dashboard Cite

Abstract. STS-Tool is the modelling and analysis support tool for STSml, our proposed actor-and goal-oriented security requirements modelling language for Socio-Technical Systems (STSs). STS-Tool allows designers to model an STS through high-level primitives, to express security constraints over the interactions between the actors in the STS, as well as to derive security requirements once the modelling is completed. The tool features a set of automated reasoning techniques for (i) checking if a given STS-ml model is well-formed, and (ii) determining if the specification of security requirements is consistent, that is, there are no conflicts among security requirements. We have implemented these techniques using disjuntive datalog programs. The Socio-Technical Security modelling languageThe Socio-Technical Security modelling language (STS-ml) [1] is an i * based security requirements modelling language. STS-ml includes high-level organisational primivites such as actor, goal, delegation, etc. A distinguishing feature of STS-ml is the ability to relate security requirements to interactions: actors' security needs constrain the interactions they enter into with other actors. Security requirements are mapped to social commitments [3]-contracts among actors-that actors in the STS shall comply with at runtime. STS-ml modelling uses three complementary views, in which the analyst examines different types of interactions among actors.The formal semantics of STS-ml [2] defines the behavior of STS-ml concepts and relationships, allowing to perform: (i) well-formedness analysis to determine if the model complies with well-formedness rules that are set to preserve the semantics of the STS-ml primitives (e.g., decompositions are not cyclic), and (ii) security analysis, i.e., if there are potential conflicts of security requirements. STS-ToolSTS-Tool is the modelling and analysis support tool for STS-ml. It is an Eclipse Rich Client Platform application written in Java, it is distributed as a compressed archive for multiple platforms (Win 32/64, Mac OS X, Linux), and it is

show abstract

“…Our work on the STS-ml and tool is ongoing as part of the European research project Aniketos 2 . The current version of the tool is a result of an iterative development process, where the release of internal versions of the tool has been followed by evaluation activities [6].…”

Section: Sts-toolmentioning

confidence: 99%

STS-tool: Socio-technical Security Requirements through social commitments

Paja

Dalpiaz

Poggianella

et al. 2012

2012 20th IEEE International Requirements Engineering Conference (RE)

Self Cite

View full text Add to dashboard Cite

Abstract-Security Requirements Engineering (SRE) deals with the elicitation and analysis of security needs to specify security requirements for the system-to-be. In previous work, we have presented STS-ml, a security requirements modelling language for Socio-Technical Systems (STSs) that elicits security needs, using a goal-oriented approach, and derives the security requirements specification based on these needs. Particularly, STS-ml relates security to the interaction among actors in the STS. In this paper, we present STS-Tool, the modelling and analysis support tool for STS-ml. STS-Tool allows designers to model a STS at a high-level of abstraction, while expressing security needs over the interactions between the actors in the STS, and derive security requirements in terms of social commitments-promises with contractual validityonce the modelling is done.

show abstract

Formative User-Centered Evaluation of Security Modeling

Cited by 13 publications

References 21 publications

Schooladvise: Designing a Reputation System for Educational Services through Service Design and Business Modeling

Schooladvise: Designing a Reputation System for Educational Services through Service Design and Business Modeling

Specifying and Reasoning over Socio-Technical Security Requirements with STS-Tool

STS-tool: Socio-technical Security Requirements through social commitments

Contact Info

Product

Resources

About