Usable Formal Methods for the Design and Composition of Security and Privacy Policies (CMU/UTSA Collaborative Proposal) - January 2015
Public Audience
Purpose: To highlight progress. Information is generally at a higher level that is accessible to the interested public.
PI(s): Travis Breaux (CMU), Jianwei Niu (UTSA)
Researchers:
1) HARD PROBLEM(S) ADDRESSED (with short descriptions)
This refers to Hard Problems, released November 2012.
Metrics
Human Behavior
Hard Problems Addressed:
* Security-Metrics-Driven-Evaluation, Design, Development and Deployment. Our research evaluates how designers select and apply security patterns in response to attack patterns. The evaluation is based on metrics embodied in formal models of attack scenarios that will be used to measure security risk and promote risk reduction strategies based on assurance cases constructed by the analyst.
* Understanding and Accounting for Human Behavior. Our research applies theory from psychology concerning how designers comprehend and interpret their environment and how they plan and project software-based solutions into the future, with the aim of better understanding how these activities shape the design of more secure systems. These are not typical models of attackers and defenders, but models of developer behavior, including our ability to influence that behavior with tool-based interventions.
2) PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.
1. Hui Shen, Ram Krishnan, Rocky Slavin, and Jianwei Niu. "Sequence Diagram Aided Privacy Policy Specification", accepted for publication: IEEE Transactions on Dependable and Secure Computing in Fall 2014.
2. H. Hibshi, T. Breaux, M. Riaz, L. Williams. "Discovering Decision-Making Patterns for Security Novices and Experts", In Submission: IEEE Symposium on Security and Privacy, 2015.
3. H. Hibshi, T. Breaux, M. Riaz, L. Williams. "A Framework to Measure Experts' Decision Making in Security Requirements Analysis," IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering, pp. 13-18, 2014.
4. R. Slavin, J.-M. Lehker, J. Niu, T. Breaux. "Managing Security Requirement Patterns Using Feature Diagram Hierarchies," IEEE 22nd International Requirements Engineering Conference, pp. 193-202, 2014.
5. Slankas, J., Riaz, M., King, J., Williams, L. "Discovering Security Requirements from Natural Language," IEEE 22nd International Requirements Engineering Conference, 2014.
6. Rao, H. Hibshi, T. Breaux, J-M. Lehker, J. Niu, "Less is More? Investigating the Role of Examples in Security Studies using Analogical Transfer," 2014 Symposium and Bootcamp on the Science of Security (HotSoS), Article 7.
7. H. Hibshi, R. Slavin, J. Niu, T. Breaux, "Rethinking Security Requirements in RE Research," University of Texas at San Antonio, Technical Report #CS-TR-2014-001, January 2014.
8. Riaz, M., Breaux, T., Williams, L. "On the Design of Empirical Studies to Evaluate Software Patterns: A Survey," Revision submitted for consideration: Information and Software Technology, 2014.
9. Breaux, T., Hibshi, H., Rao, A., Lehker, J.-M. "Towards a Framework for Pattern Experimentation: Understanding empirical validity in requirements engineering patterns." IEEE 2nd Workshop on Requirements Engineering Patterns (RePa'12), Chicago, Illinois, Sep. 2012, pp. 41-47.
10. Slavin, R., Shen, H., Niu, J., "Characterizations and Boundaries of Security Requirements Patterns," IEEE 2nd Workshop on Requirements Engineering Patterns (RePa'12), Chicago, Illinois, Sep. 2012, pp. 48-53.
3) KEY HIGHLIGHTS
We discovered ways to measure security expert and novice perceptions and comprehensions of the state of security in IT design artifacts, including software, and how this quantified understanding leads to (or fails to lead to) projected future consequences due to security threats. Results show that novices can struggle with comprehension if they misperceive critical cues, which presents an opportunity for targeted interventions to help novices reach the ability to project negative consequences of vulnerabilities. In contrast, security experts demonstrate the ability to link multiple perceptions into complex attack scenarios and to search for cues using an attacker mindset. Unlike qualification-based criteria for identifying experts (e.g., degrees earned, or years of experience), our results promise to yield a new set of criteria for distinguishing security experts based on measurements of their cognitive ability to perform security analysis.