Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Security and Privacy Requirements Analysis within a Social Setting
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Deriving security requirements from crosscutting threat descriptions
Proceedings of the 3rd international conference on Aspect-oriented software development
Object-Oriented Software Engineering: A Use Case Driven Approach
Object-Oriented Software Engineering: A Use Case Driven Approach
Building security requirements with CLASP
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
IEEE Security and Privacy
Security Requirements Engineering: A Framework for Representation and Analysis
IEEE Transactions on Software Engineering
Integrating security and systems engineering: towards the modelling of secure information systems
CAiSE'03 Proceedings of the 15th international conference on Advanced information systems engineering
Security engineering using problem frames
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
| Hi-index | 0.00 |
Software security concerns are frequent, widespread, and with potentially harmful consequences. We believe that security concerns should not only be specified as part of software requirements, but should also be supported during later stages of development (architecture, design, implementation, testing, and maintenance). This paper focuses on security requirements and the support available for them past their creation. As part of ongoing research we surveyed 12 approaches to security requirements engineering and identified the level of support each approach provides on a variety of areas related to later stages support. We show that support for security requirements after they are specified is lacking at best, creating opportunities for significant improvement and further research in this area.