Computer Aided Threat Identification

Recently, there has been an increase of reported security threats hitting organizations. Some of them are originated from the assignments to users of inappropriate permissions on organizational sensitive data. Thus it is crucial for organizations to recognize as early as possible the risks deriving by inappropriate access right management and to identify the solutions that they need to prevent such risks. In this paper, we propose a framework to identify threats during the requirements analysis of organizations' IT systems. With respect to other works which have attempted to include security analysis into requirement engineering process (e.g., KAOS, Elahi et al., Asnar et al.), our framework does not rely on the level of expertise of the security analyst to detect threats but allows to automatically identify threats that derive from inappropriate access management. To capture the organization's setting and the system stakeholders' requirements, we adopt SI* [1], a requirement engineering framework founded on the concepts of actors, goals, tasks and resources. This framework extends SI* with a reasoning technique that identifies potential security threats on resources and relevant goals. The reasoning is based on Answer Set Programming (ASP) logic rules that take into account the relationships between resources and the delegation of permission relations between actors. We illustrate this framework using an eHealth scenario.