Abstract
This work investigates visual support for easing the configuration of interdependent security goals. The interdependent nature of security goals has not yet received sufficient attention in related work. Multi-criteria optimization problems are a formal approach to adequately modeling interdependent security goals, and they can be solved either exactly or heuristically. This, however, depends on whether the user is able to articulate his/her preferences regarding security goals. Furthermore, heuristic approaches confront users with a possibly unlimited number of alternative configurations in which each solution is equally good. In order to support users in articulating preferences and selecting a suitable alternative, we provide visual facilities at the level of the user interface. The need for handling such issues emerged from the analysis of the EU-funded di.me project, which explicitly requires that such configurations be carried out by lay users. We present an approach that tackles these issues by means of visual concepts that trigger a service selection in the background which respects the interdependence of security goals. We concretely discuss the application of our approach by addressing a scenario concerned with deployment decisions in the di.me project.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Karatas, F., Bourimi, M., Kesdogan, D. (2013). Towards Visual Configuration Support for Interdependent Security Goals. In: Ozok, A.A., Zaphiris, P. (eds) Online Communities and Social Computing. OCSC 2013. Lecture Notes in Computer Science, vol 8029. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39371-6_42
DOI: https://doi.org/10.1007/978-3-642-39371-6_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39370-9
Online ISBN: 978-3-642-39371-6
eBook Packages: Computer Science (R0)