RUP-based process model for security requirements engineering in value-added service development

Authors:
H. Belani;Z. Car;A. Caric
Affiliations:
Comput. Dept. of Telecommun., Univ. of Zagreb, Zagreb;Comput. Dept. of Telecommun., Univ. of Zagreb, Zagreb;-
Venue:
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Year:
2009

Citing 7
Cited 2

The Rational Unified Process: an introduction

The Rational Unified Process: an introduction
Software engineering for security: a roadmap

Proceedings of the Conference on The Future of Software Engineering
Mobile Messaging Technologies and Services: SMS, EMS and MMS

Mobile Messaging Technologies and Services: SMS, EMS and MMS
RUPSec: Extending Business Modeling and Requirements Disciplines of RUP for Developing Secure Systems

EUROMICRO '05 Proceedings of the 31st EUROMICRO Conference on Software Engineering and Advanced Applications
Security and Usability

Security and Usability
A Conceptual Framework for Business Process Engineering: A Case Study

ICSEA '06 Proceedings of the International Conference on Software Engineering Advances
On the Secure Software Development Process: CLASP and SDL Compared

SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems

The 5th international workshop on software engineering for secure systems (SESS'09)

ICSE '09 COMPANION Proceedings of the 2009 31st International Conference on Software Engineering: Companion Volume
Implementation and evaluation of mobile ticket validation systems for value-added services

SoftCOM'09 Proceedings of the 17th international conference on Software, Telecommunications and Computer Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

Due to the spreading of SMS services and appearing of new business models, value-added SMS services have been introduced. According to the research results about wide distribution of security incidents on ICT systems worldwide, in spite of known security solutions, there is a necessity for organizational approach to implement security. This paper presents research and development efforts in building process model SecuRUP for security requirements engineering conformed to RUP framework. The model consists of processes, artifacts, activities and according roles for successful elicitation, analysis and specification of recognized security requirements and is validated on presented case study. The model validation results have shown significant process improvement, especially on roles and activities identification in SecuRUP elaboration process, but only further case studies in industry can be best indicators for usefulness of such models.