The consideration of security requirements in the development of multi-agent systems is a very difficult task. However, only few approaches have been proposed that try to integrate security issues as internal part of the development process. Amongst them, secure Tropos has been proposed as a structured approach towards the consideration of security issues in the development of multiagent system...

Risk assessment and access control are important issues in cloud computing. In this paper, we propose a formal approach to risk assessment for RBAC Systems, in which access control decisions are taken after consideration of risk assessment. The risk assessment method considers partial orderings on objects and actions, which allow us to effectively capture the notions of importance of objects an...

This paper introduces an original security testing approach guided by risk assessment, by means of risk coverage, to perform and automate vulnerability testing for Web applications. This approach, called Risk-Based Vulnerability Testing, adapts Model-Based Testing techniques, which are mostly used currently to address functional features. It also extends Model-Based Vulnerability Testing techni...

The complexity of finenciel decision-making problems is such that automation of the reasoning process by conventionel approaches is often incomplete or inadequete. This paper describes CREDEX. s knowledge-based system which is being developed to assist bank-loan officers in interpreting end evaluating the activities of firms applying for a loan. CREDEX is written in SNARK. It integrates shallow...

SUMMARY The success of any project can be affected by requirements changes. Requirements elicitation is a series of activities of adding, deleting, and modifying requirements. We refer to the completion of requirements elicitation of a software component as requirements matura-tion. When the requirements of each component have reached the 100% maturation point, no requirement will come to the c...

Computer networks are present throughout all sectors of our critical infrastructure and these networks are under a constant threat of cyber attack. One prevalent computer network threat takes advantage of unauthorized, and thus insecure, hardware on a network. This paper presents a prototype simulation system for network risk assessment that is intended for use by administrators to simulate and...

A fundamental problem for case-based reasoning systems is how to select relevant prior cases. Numerous strategies have been developed for determining the similarity of prior cases, given full descriptions of the problem at hand, and situation assessment methods have been developed for formulating appropriate initial case descriptions. However, in real-world applications, attempting to determine...

The implementation-service-effect (ISE) metamodel is a general framework for modeling critical infrastructures that can integrate several different perspectives. The metamodel has a technical basis and also provides the abstractions needed for risk assessment and management of critical infrastructures in complex environments. ISE supports an iterative modeling approach that continuously refines...