Formative User-Centered Evaluation of Security Modeling

2012 ◽  
Vol 3 (1) ◽  
pp. 1-19 ◽  
Author(s):  
Sandra Trösterer ◽  
Elke Beck ◽  
Fabiano Dalpiaz ◽  
Elda Paja ◽  
Paolo Giorgini ◽  
...  
Keyword(s):  
Security Requirements ◽  
Modeling Language ◽  
Complex Activity ◽  
Evaluation Approach ◽  
Security Requirements Engineering ◽  
Security Modeling ◽  
Social Organizational ◽  
High Level ◽  
User Centered

Developing a security modeling language is a complex activity. Particularly, it becomes very challenging for Security Requirements Engineering (SRE) languages where social/organizational concepts are used to represent high-level business aspects, while security aspects are typically expressed in a technical jargon at a lower level of abstraction. In order to reduce this socio-technical mismatch and reach a high quality outcome, appropriate evaluation techniques need to be chosen and carried out throughout the development process of the modeling language. In this article, the authors present and discuss the formative user-centered evaluation approach, namely an evaluation technique that starts since the early design stages and actively involves end-users. The authors demonstrate the approach in a real case study presenting the results of the evaluation. From the gained empirical evidence, we may conclude that formative user-centered evaluation is highly recommended to investigate any security modeling language.

A Tagging Approach to Extract Security Requirements in Non-Traditional Software Development Processes

2014 ◽  
Vol 5 (4) ◽  
pp. 31-47 ◽  
Author(s):  
Annette Tetmeyer ◽  
Daniel Hein ◽  
Hossein Saiedian
Keyword(s):  
Software Development ◽  
Software Security ◽  
Security Requirements ◽  
Software Systems ◽  
Small Organizations ◽  
Pos Tagging ◽  
Part Of Speech ◽  
Security Requirements Engineering ◽  
Development Processes

While software security has become an expectation, stakeholders often have difficulty expressing such expectations. Elaborate (and expensive) frameworks to identify, analyze, validate and incorporate security requirements for large software systems (and organizations) have been proposed, however, small organizations working within short development lifecycles and minimal resources cannot justify such frameworks and often need a light and practical approach to security requirements engineering that can be easily integrated into their existing development processes. This work presents an approach for eliciting, analyzing, prioritizing and developing security requirements which can be integrated into existing software development lifecycles for small organizations. The approach is based on identifying candidate security goals using part of speech (POS) tagging, categorizing security goals based on canonical security definitions, and understanding the stakeholder goals to develop preliminary security requirements and to prioritize them. It uses a case study to validate the feasibility and effectiveness of the proposed approach.

scholarly journals Wiki for knowledge sharing, a user-centred evaluation approach: a case study at STMicroelectronics

2014 ◽  
Vol 18 (6) ◽  
pp. 1217-1232 ◽  
Author(s):  
Manel Brichni ◽  
Nadine Mandran ◽  
Lilia Gzara ◽  
Sophie Dupuy-Chessa ◽  
David Rozier
Keyword(s):  
Knowledge Sharing ◽  
Business Intelligence ◽  
Design Methodology ◽  
Evaluation Methodology ◽  
Content Type ◽  
Evaluation Approach ◽  
User Centered

Purpose – The purpose of this paper is to study how a Wiki is used for knowledge sharing within an organization. Design/methodology/approach – The aim of this research is to evaluate this Wiki performance regarding knowledge sharing objectives. Findings – A Wiki has been deployed since several years within STMicroelectronics Company to improve Business Intelligence teamwork. Originality/value – The proposed evaluation methodology is based on a user-centered approach.

THE SI* MODELING FRAMEWORK: METAMODEL AND APPLICATIONS

2009 ◽  
Vol 19 (05) ◽  
pp. 727-746 ◽  
Author(s):  
NICOLA ZANNONE
Keyword(s):  
Business Processes ◽  
System Development ◽  
Security Requirements ◽  
Modeling Language ◽  
Modeling Languages ◽  
Modeling Framework ◽  
Development Environment ◽  
Design Alternatives ◽  
Security Requirements Engineering ◽  
Early Phases

Security Requirements Engineering is emerging spurred by the realization that security must be dealt from the early phases of the system development process. Modeling languages in this field are challenging as they must provide concepts appropriate in order to talk about security within an organization. In previous work we introduced the SI* modeling language tailored to capture security aspects of socio-technical systems. SI* is founded on four main notions, namely supervision, permission, delegation, and trust. In this paper, we present the SI* metamodel. We also present some frameworks and methodologies founded on this modeling language for the analysis of security and dependability requirements as well as the exploration of design alternatives and the generation of skeletons of secure business processes. The paper also presents a development environment that uses the SI* metamodel as its basis core.

Work Life Balance Of Female Crew In The Aviation Industry: A Case Study

GIS Business ◽  
2019 ◽  
Vol 14 (6) ◽  
pp. 206-212
Author(s):  
Dr. D. Shoba ◽  
Dr. G. Suganthi
Keyword(s):  
Family Life ◽  
Work Life ◽  
Work Life Balance ◽  
Aviation Industry ◽  
Life Balance ◽  
International Airport ◽  
Work Pressure ◽  
Women Employees ◽  
High Level

Employees and employers are facing issues in work life balance. It has become a difficult domain now, because the work needs have increased due to an increase in work pressure and complexities in handling the technology. As there are drastic changes in the rules and regulations in the work scenario of the aviation industry, it makes work life balance of employees difficult and set more hurdles. Hence there are many distractions and imbalances in the life of women employees in the aviation industry working across all levels. This work pressure is creating high level of hurdles in maintaining a harmonious job and family life, especially for female aviation employees. Data is collected from 50 female crew members working at Cochin International Airport. The objective of this study is to analyze the work life balance of working females of Cochin International Airport and its influence on their personal and specialized lives. The result of the study shows that the management should frame certain policies which will help employees to have the balance among their personal and expert lives.

Towards Training Librarian 2.0 through A Community-based Participatory Group Project: A Case Study

2013 ◽  
Author(s):  
Lu Xiao ◽  
Trina Joyce Sajo
Keyword(s):  
Participatory Approach ◽  
Group Project ◽  
Community Based ◽  
Design Decisions ◽  
Etude De Cas ◽  
Étude De Cas ◽  
User Centered

Librarian 2.0 adopts user-centered approach. This paper reports the case study of a community-based participatory approach for training librarian 2.0. The findings suggest that this approach allows the students to practice user-centered interactions, identify and integrate the user’s needs into design decisions, and develop ways of collecting the user’s feedbacks.Les bibliothécaires 2.0 adoptent une approche centrée sur l’utilisateur. Cet article présente une étude de cas sur une approche participative et communautaire visant à former les bibliothécaires 2.0. Les résultats suggèrent que cette approche permet aux étudiants d’interagir avec les usagers, d’identifier les besoins, de les intégrer dans leur processus décisionnel et de développer des moyens de recueillir les commentaires des usagers. 

scholarly journals Spatial Analysis of the Drivers, Characteristics, and Effects of Forest Fragmentation

2021 ◽  
Vol 13 (6) ◽  
pp. 3246
Author(s):  
Zoe Slattery ◽  
Richard Fenner
Keyword(s):  
Forest Fragmentation ◽  
Forest Fires ◽  
Geographical Information ◽  
Agricultural Expansion ◽  
Forest Patches ◽  
Mato Grosso ◽  
Remote Imaging ◽  
Landscape Characteristics ◽  
High Level

Building on the existing literature, this study examines whether specific drivers of forest fragmentation cause particular fragmentation characteristics, and how these characteristics can be linked to their effects on forest-dwelling species. This research uses Landsat remote imaging to examine the changing patterns of forests. It focuses on areas which have undergone a high level of a specific fragmentation driver, in particular either agricultural expansion or commodity-driven deforestation. Seven municipalities in the states of Rondônia and Mato Grosso in Brazil are selected as case study areas, as these states experienced a high level of commodity-driven deforestation and agricultural expansion respectively. Land cover maps of each municipality are created using the Geographical Information System software ArcGIS Spatial Analyst extension. The resulting categorical maps are input into Fragstats fragmentation software to calculate quantifiable fragmentation metrics for each municipality. To determine the effects that these characteristics are likely to cause, this study uses a literature review to determine how species traits affect their responses to forest fragmentation. Results indicate that, in areas that underwent agricultural expansion, the remaining forest patches became more complex in shape with longer edges and lost a large amount of core area. This negatively affects species which are either highly dispersive or specialist to core forest habitat. In areas that underwent commodity-driven deforestation, it was more likely that forest patches would become less aggregated and create disjunct core areas. This negatively affects smaller, sedentary animals which do not naturally travel long distances. This study is significant in that it links individual fragmentation drivers to their landscape characteristics, and in turn uses these to predict effects on species with particular traits. This information will prove useful for forest managers, particularly in the case study municipalities examined in this study, in deciding which species require further protection measures. The methodology could be applied to other drivers of forest fragmentation such as forest fires.

CSim 2

2021 ◽  
Vol 43 (1) ◽  
pp. 1-46
Author(s):  
David Sanan ◽  
Yongwang Zhao ◽  
Shang-Wei Lin ◽  
Liu Yang
Keyword(s):  
Programming Languages ◽  
Concurrent Systems ◽  
Theorem Prover ◽  
Compositional Techniques ◽  
Machine Code ◽  
Top Down ◽  
Hol Theorem Prover ◽  
High Level ◽  
High Degree

To make feasible and scalable the verification of large and complex concurrent systems, it is necessary the use of compositional techniques even at the highest abstraction layers. When focusing on the lowest software abstraction layers, such as the implementation or the machine code, the high level of detail of those layers makes the direct verification of properties very difficult and expensive. It is therefore essential to use techniques allowing to simplify the verification on these layers. One technique to tackle this challenge is top-down verification where by means of simulation properties verified on top layers (representing abstract specifications of a system) are propagated down to the lowest layers (that are an implementation of the top layers). There is no need to say that simulation of concurrent systems implies a greater level of complexity, and having compositional techniques to check simulation between layers is also desirable when seeking for both feasibility and scalability of the refinement verification. In this article, we present CSim 2 a (compositional) rely-guarantee-based framework for the top-down verification of complex concurrent systems in the Isabelle/HOL theorem prover. CSim 2 uses CSimpl, a language with a high degree of expressiveness designed for the specification of concurrent programs. Thanks to its expressibility, CSimpl is able to model many of the features found in real world programming languages like exceptions, assertions, and procedures. CSim 2 provides a framework for the verification of rely-guarantee properties to compositionally reason on CSimpl specifications. Focusing on top-down verification, CSim 2 provides a simulation-based framework for the preservation of CSimpl rely-guarantee properties from specifications to implementations. By using the simulation framework, properties proven on the top layers (abstract specifications) are compositionally propagated down to the lowest layers (source or machine code) in each concurrent component of the system. Finally, we show the usability of CSim 2 by running a case study over two CSimpl specifications of an Arinc-653 communication service. In this case study, we prove a complex property on a specification, and we use CSim 2 to preserve the property on lower abstraction layers.

Sign in / Sign up

Export Citation Format

Share Document