CFP last date
20 January 2025
Reseach Article

A Knowledge-Oriented Approach to Security Requirements Engineering for E-Voting System

by P. Salini, S. Kanmani
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 49 - Number 11
Year of Publication: 2012
Authors: P. Salini, S. Kanmani
10.5120/7671-0953

P. Salini, S. Kanmani . A Knowledge-Oriented Approach to Security Requirements Engineering for E-Voting System. International Journal of Computer Applications. 49, 11 ( July 2012), 21-25. DOI=10.5120/7671-0953

@article{ 10.5120/7671-0953,
author = { P. Salini, S. Kanmani },
title = { A Knowledge-Oriented Approach to Security Requirements Engineering for E-Voting System },
journal = { International Journal of Computer Applications },
issue_date = { July 2012 },
volume = { 49 },
number = { 11 },
month = { July },
year = { 2012 },
issn = { 0975-8887 },
pages = { 21-25 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume49/number11/7671-0953/ },
doi = { 10.5120/7671-0953 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:46:01.011649+05:30
%A P. Salini
%A S. Kanmani
%T A Knowledge-Oriented Approach to Security Requirements Engineering for E-Voting System
%J International Journal of Computer Applications
%@ 0975-8887
%V 49
%N 11
%P 21-25
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In this paper, we introduce a knowledge-oriented approach for the Security Requirements Engineering phase for developing E-Voting System. The knowledge acquired through the process of eliciting and analyzing secure E-Voting System is represented in the form of UML models; which can be made available to future developers and the dependency towards security experts can be reduced. In this paper we present a set of security requirements and security requirements patterns that were developed based on the aforementioned approach. Security requirements for modelling have been identified by following the Model Oriented Security Requirements Engineering framework for web applications. The security requirements have been designed into security requirements patterns for creating security requirements ontology for an E-Voting System. The ontology allows all concepts of importance and their relationships to be identified. The paper also compares the approach with other relevant methods in the Security Requirements Engineering phase for developing secure applications.

References
  1. P. Salini and S. Kanmani. "A Model based Security Requirements Engineering Framework applied for Online Trading System". In Proceedings of the IEEE International Conference on Recent Trends in Information Technology (ICRTIT 2011), India, pp. 1195-1202, June 3-5, 2011.
  2. P. Salini and S. Kanmani. "Model Oriented Security Requirements Engineering (MOSRE) Framework for Web Applications". In Proceedings of the Second International Conference on Advances in Computing and Information Technology (ACITY 2012), India, July 13 - 15, 2012, Vol. 2 and in Advances in Intelligent and Soft Computing book Series, Vol. 177, pp. 341-353.
  3. Siponen M. "Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods", Information and Organization, Vol. 15 (4), pp. 339-375.
  4. Raskin V. , Hempelmann C. , Triezenberg K. , and Nirenburg S. "Ontology in Information Security: A Useful Theoretical Foundation and Methodological Tool". In Proceedings of the New Security Paradigms Workshop, 2001, New York, USA, ACM.
  5. Jurjens J. "Towards development of secure systems using UMLsec". Lecture Notes in Computer Science, Vol. 2029:187, 2001.
  6. Mouratidis H. , Giorgini P. , and Manson G. "An Ontology for Modelling Security: The Tropos Project". In Proceedings of the KES 2003 Invited Session Ontology and Multi-Agent Systems Design (OMASD'03), 2003, University of Oxford, United Kingdom.
  7. Basin D. , Doser J. , and Lodderstedt T. "Model driven security for process-oriented systems". In Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies (SACMAT '03), Como, Italy, ACM.
  8. Gamma E. , Helm R. , Johnson R. , and Vlissides J. , Design Patterns: Elements of Reusable Object-Oriented Software, Addison-Wesley, 1995.
  9. N. Yoshioka, H. Washizaki and K. Maruyama. "A survey on security patterns". Progress in Informatics, No. 5, pp. 35-47, 2008.
  10. S. Dritsas, L. Gymnopoulos, M. Karyda, T. Balopoulos, S. Kokolakis, C. Lambrinoudakis and S. Katsikas. "A knowledge-based approach to security requirements for e-health applications". The electronic Journal on Emerging Tools and Applications, In the Special Issue: "Emerging Security Paradigms in the Knowledge Era", Volume 2, issue 1, 2006.
  11. Andrew Simmonds, Peter Sandilands and Louis van Ekert. "A Ontology for Network Security Attacks". Lecture Notes in Computer Science, 2004, Vol. 3285/2004, pp. 317-323.
  12. Andreas Ekelhart, Stefan Fenz, Markus D. Klemen, and Edgar R. Weippl. "Security Ontology: Simulating Threats to Corporate Assets". In Aditya Bagchi & Vijayalakshmi Atluri, ed. ,'Information Systems Security (ICISS'06), Springer, Kolkata, India, pp. 249-259.
  13. Fabio Massacci, John Mylopoulos, Federica Paci, Thein Thun Tun and Yijun Yu. "An Extended Ontology for Security Requirements". Advanced Information Systems Engineering Workshops, Lecture Notes in Business Information Processing, 2011, Vol. 83, Part 10, pp. 622-636.
  14. Azeddine Chikh, Muhammad Abulaish, Syed Irfan Nabi and Khaled Alghathbar. "An Ontology Based Information Security Requirements Engineering Framework". Communications in Computer and Information Science, 2011, Vol. 186, Part 1, pp. 139-146.
  15. Karyda, M. , "An ontology for secure e-government applications". In proceedings of first International Conference on Availability, Reliability and Security (ARES'06). IEEE Computer Society, 2006: p. 1033-1037.
  16. Amina Souag, Camille Salinesi and Isabelle Wattiau. "Ontologies for Security Requirements: A Literature Survey and Classification". In 2nd International Workshop on Information Systems Security Engineering - WISSE'12 conjunction with the 24th International Conference on Advanced Information Systems Engineering CAiSE 2012, 2012, pp. 1-8.
Index Terms

Computer Science
Information Sciences

Keywords

Security Requirements Security Requirements Engineering Security Requirements Patterns Ontology E-Voting System Knowledge-Oriented