Attack graphs capture sequences of actions that an intruder can take to lead the system to an undesirable state. They have proven to be important tools for administrators to analyse and devise countermeasures to be deployed in the face of an attack. We consider preferences over countermeasures that the administrator may hold when devising a strategy to… (More)
—For a Web service composition to satisfy a user's needs, it must not only provide the desired functionality, but also have nonfunctional properties (e.g., reliability, availability, cost) that are acceptable to the user. In the recent past, several techniques have been developed and deployed to identify a composite service that conforms to the functional… (More)
In goal-oriented requirements engineering, a goal model graphically represents relationships between the required goals (functional requirements), tasks (realizations of goals), and optional goals (non-functional properties) involved in designing a system. It may, however, be impossible to find a design that fulfills all required goals and all optional… (More)
In most client-server interactions over the Web, the server requires the client to disclose certain credentials before providing the client with the requested service (server policy). The client, on the other hand, wants to minimize the sensitivity of the set of credentials disclosed (client preference). We present a qualitative preference formalism based… (More)
Extending substitutability in composite services by allowing asynchronous communication" (2009). Graduate Theses and Dissertations. Paper 11079.
—We present a framework for reasoning with preferences in the context of Goal-Oriented Requirements Engineering (GORE). Our choice of preference language, conditional importance networks (CI-nets), is motivated by the occurrence in requirements engineering of qualitative preferences and tradeoffs involving sets of items; such preferences are expressed more… (More)
To produce an optimal component-based software system for a given application, it is necessary to consider both the required functionality of the system and its stakeholders' preferences over various non-functional properties. We propose a new modular end-to-end framework for component-based system development that combines formal specification and… (More)