Security and Privacy Requirements Analysis within a Social Setting
RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
A requirements taxonomy for reducing Web site privacy vulnerabilities
Requirements Engineering
Secure Systems Development with UML
Secure Systems Development with UML
Computer Standards & Interfaces
Computer-aided Support for Secure Tropos
Automated Software Engineering
Computer Standards & Interfaces
Requirements model generation to support requirements elicitation: the Secure Tropos experience
Automated Software Engineering
Enforcing a security pattern in stakeholder goal models
Proceedings of the 4th ACM workshop on Quality of protection
Experimental comparison of attack trees and misuse cases for security threat identification
Information and Software Technology
A systematic review of security requirements engineering
Computer Standards & Interfaces
A Personal Data Audit Method through Requirements Engineering
Computer Standards & Interfaces
Prioritizing Legal Requirements
RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
RELAW '09 Proceedings of the 2009 Second International Workshop on Requirements Engineering and Law
Security requirements engineering framework for software product lines
Information and Software Technology
Designing security requirements models through planning
CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Security and trust requirements engineering
Foundations of Security Analysis and Design III
Modeling social and individual trust in requirements engineering methodologies
iTrust'05 Proceedings of the Third international conference on Trust Management
ST-Tool: a CASE tool for modeling and analyzing trust requirements
iTrust'05 Proceedings of the Third international conference on Trust Management
Applying a security requirements engineering process
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Hi-index | 0.00 |
Extending Requirements Engineering modelling and formal analysis methodologies to cope with Security Requirements has been a major effort in the past decade. Yet, only few works describe complex case studies that show the ability of the informal and formal approaches to cope with the level complexity required by compliance with ISO-17799 security management requirements. In this paper we present a comprehensive case study of the application of the Secure Tropos RE methodology for compliance to the Italian legislation on Privacy and Data Protection by the University of Trento, leading to the definition and analysis of a ISO-17799-like security management scheme.