Skip to main content
Kent Academic Repository

Nane: Identifying misuse cases using temporal norm enactments

Kafalı, Özgur and Singh, Munindar P. and Williams, Laurie (2016) Nane: Identifying misuse cases using temporal norm enactments. In: 2016 IEEE 24th International Requirements Engineering Conference (RE). IEEE, pp. 136-145. ISBN 978-1-5090-4122-0. E-ISBN 978-1-5090-4121-3. (doi:10.1109/RE.2016.34) (KAR id:65869)

Abstract

Recent data breaches in domains such as healthcare where confidentiality of data is crucial indicate that breaches often originate from misuses, not only from vulnerabilities in the technical (software or hardware) architecture. Current requirements engineering (RE) approaches determine what access control mechanisms are needed to protect sensitive resources (assets). However, current RE approaches inadequately characterize how a user is expected to interact with others in relation to the relevant assets. Consequently, a requirements analyst cannot readily identify misuses by legitimate users. We adopt social norms as a natural, formal means of characterizing user interactions whereby potential misuses map to norm violations. Our research goal is to help analysts identify misuse cases by formal reasoning about norm enactments. We propose Nane, a formal framework for identifying such misuse cases using a semiautomated process. We demonstrate how Nane enables monitoring of potential misuses on a healthcare scenario.

Item Type: Book section
DOI/Identification number: 10.1109/RE.2016.34
Uncontrolled keywords: authorization; monitoring; hospitals; calculus; software; cognition
Subjects: Q Science > Q Science (General) > Q335 Artificial intelligence
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Ozgur Kafali
Date Deposited: 02 Feb 2018 16:43 UTC
Last Modified: 05 Nov 2024 11:04 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/65869 (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.