Description
Grid Security Requirements (90 mins)
Philippe Massonet (CETIC, Belgium); Alvaro Arenas (STFC RAL, UK)
Starting and operating a secure virtual organisation (VO) requires that security objectives and requirements have been defined and are enforced throughout the VO lifecycle. In this talk we describe how a goal-oriented requirements engineering method has be tailored for defining VO security objectives and refining them into enforceable security policies. We also introduce an Eclipse-based design tool that allows specifying and refining security objectives into requirements, and derive policies from requirements.