Usable Formal Methods for the Design and Composition of Security and Privacy Policies (CMU/UTSA Collaborative Proposal)

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): Travis Breaux (CMU), Jianwei Niu (UTSA)
Researchers:

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)

This refers to Hard Problems, released November 2012.

Security-Metrics-Driven-Evaluation, Design, Development and Deployment. Our research evaluates security pattern selection and application by designers in response to attack patterns. The evaluation is based on formal models of attack scenarios that are used to measure security risk and promote risk reduction strategies based on assurance cases constructed by the analyst. The aim is to improve the usability of formal methods for studying security design and composition.

Understanding and Accounting for Human Behavior. Our research draws on psychological theory about how designers comprehend and interpret their environment and how they plan and project solutions into the future, with the aim of better understanding how these activities play out when designing more secure systems. These are not the usual models of attackers and defenders, but models of developer behavior, including our ability to influence that behavior with interventions.

2) PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

  1. Hui Shen, Ram Krishnan, Rocky Slavin, and Jianwei Niu. "Sequence Diagram Aided Privacy Policy Specification," revision submitted for publication: IEEE Transactions on Dependable and Secure Computing, August 2014.
  2. H. Hibshi, T. Breaux, M. Riaz, L. Williams. "Discovering Decision-Making Patterns for Security Novices and Experts," in submission: International Journal of Secure Software Engineering, 2014.
  3. H. Hibshi, T. Breaux, M. Riaz, L. Williams. "A Framework to Measure Experts' Decision Making in Security Requirements Analysis," IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering, pp. 13-18, 2014.
  4. R. Slavin, J.-M. Lehker, J. Niu, T. Breaux. "Managing Security Requirement Patterns Using Feature Diagram Hierarchies," IEEE 22nd International Requirements Engineering Conference, pp. 193-202, 2014.
  5. Slankas, J., Riaz, M., King, J., Williams, L. "Discovering Security Requirements from Natural Language," IEEE 22nd International Requirements Engineering Conference, 2014.
  6. A. Rao, H. Hibshi, T. Breaux, J.-M. Lehker, J. Niu. "Less is More? Investigating the Role of Examples in Security Studies using Analogical Transfer," 2014 Symposium and Bootcamp on the Science of Security (HotSoS), Article 7.
  7. H. Hibshi, R. Slavin, J. Niu, T. Breaux. "Rethinking Security Requirements in RE Research," University of Texas at San Antonio, Technical Report #CS-TR-2014-001, January 2014.
  8. Riaz, M., Breaux, T., Williams, L. "On the Design of Empirical Studies to Evaluate Software Patterns: A Survey," revision submitted for consideration: Information and Software Technology, 2014.
  9. Breaux, T., Hibshi, H., Rao, A., Lehker, J.-M. "Towards a Framework for Pattern Experimentation: Understanding Empirical Validity in Requirements Engineering Patterns," IEEE 2nd Workshop on Requirements Engineering Patterns (RePa'12), Chicago, Illinois, Sep. 2012, pp. 41-47.
  10. Slavin, R., Shen, H., Niu, J. "Characterizations and Boundaries of Security Requirements Patterns," IEEE 2nd Workshop on Requirements Engineering Patterns (RePa'12), Chicago, Illinois, Sep. 2012, pp. 48-53.

3) KEY HIGHLIGHTS

We discovered ways to measure how security experts and novices perceive and comprehend the state of security in IT design artifacts, including software, and how this quantified understanding leads (or fails to lead) to projected future consequences from security threats. Results show that novices can struggle with comprehension when they misperceive critical cues, which presents an opportunity for targeted interventions that help novices reach the point of projecting the negative consequences of vulnerabilities. In contrast, security experts demonstrate the ability to link multiple perceptions into complex attack scenarios and to search for cues with an attacker mindset. Unlike qualification-based criteria for identifying experts (e.g., degrees earned or years of experience), our results promise to yield a new set of criteria for distinguishing security experts based on measurements of their cognitive ability to perform security analysis.