Security Requirements Engineering A Strategic Approach
نویسندگان
چکیده
منابع مشابه
A Reuse-Based Approach to Security Requirements Engineering
The paper presents a reuse-based approach to the modeling, specification and analysis of application-specific security requirements. The method is based on a goaloriented framework that addresses malicious goals (called anti-goals) set up by attackers to threaten security goals. Threat tree fragments are built systematically through specializations of attack patterns. Attack patterns abstract a...
متن کاملAgile Security Requirements Engineering
Agile processes have been deemed unsuitable for security sensitive software development as the rigors of assurance are seen to conflict with the lightweight and informal nature of agile processes. However, such apparently conflicting demands may be reconciled by introducing the new notion of abuser stories in the requirements domain. These extend the wellestablished concept of user stories to a...
متن کاملEngineering Security Requirements
Most requirements engineers are poorly trained to elicit, analyze, and specify security requirements, often confusing them with the architectural security mechanisms that are traditionally used to fulfill them. They thus end up specifying architecture and design constraints rather than true security requirements. This article defines the different types of security requirements and provides ass...
متن کاملSecurity Requirements Engineering:
Everyone agrees that security is a problem, ranging from Microsoft to the banks that have been recent victims of rogue traders. What is paradoxical is that there does not seem to be a wholehearted commitment by both academics and industry to treat this topic systematically at the top level of requirements engineering. Our vision is of a future in which we inform the security requirements engine...
متن کاملSecurity and Trust Requirements Engineering
Integrating security concerns throughout the whole software development process is one of today’s challenges in software and requirements engineering research. A challenge that so far has proved difficult to meet. The major difficulty is that providing security does not only require to solve technical problems but also to reason on the organization as a whole. This makes the usage of traditiona...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Computer Applications
سال: 2011
ISSN: 0975-8887
DOI: 10.5120/1760-2410