Pattern-Based Confidentiality-Preserving Refinement
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
A Foundation for Requirements Analysis of Dependable Software
SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
Identification of security requirements in systems of systems by functional security analysis
Architecting dependable systems VII
Systematic development of UMLsec design models based on security requirements
FASE'11/ETAPS'11 Proceedings of the 14th international conference on Fundamental approaches to software engineering: part of the joint European conferences on theory and practice of software
Environment-driven threats elicitation for web applications
KES-AMSTA'11 Proceedings of the 5th KES international conference on Agent and multi-agent systems: technologies and applications
Does organizing security patterns focus architectural choices?
Proceedings of the 34th International Conference on Software Engineering
Security and reliability requirements for advanced security event management
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Threat and Risk-Driven Security Requirements Engineering
International Journal of Mobile Computing and Multimedia Communications
| Hi-index | 0.00 |
We present a process to develop secure software with an extensive pattern-based security requirements engineering phase. It supports identifying and analyzing conflicts between different security requirements. In the design phase, we proceed by selecting security software components that achieve security requirements. The process enables software developers to systematically identify, analyze, and finally realize security requirements using security software components. We illustrate our approach by a lawyer agency software example.