Dealing with non-functional requirements: three experimental studies of a process-oriented approach
Proceedings of the 17th international conference on Software engineering
SAAM: a method for analyzing the properties of software architectures
ICSE '94 Proceedings of the 16th international conference on Software engineering
Software architecture in practice
Software architecture in practice
Cryptography and network security (2nd ed.): principles and practice
Cryptography and network security (2nd ed.): principles and practice
Seven good reasons for mobile agents
Communications of the ACM
Design and use of software architectures: adopting and evolving a product-line approach
Design and use of software architectures: adopting and evolving a product-line approach
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
ER '02 Proceedings of the 21st International Conference on Conceptual Modeling
A Goal-Based Organizational Perspective on Multi-agent Architectures
ATAL '01 Revised Papers from the 8th International Workshop on Intelligent Agents VIII
A Requirements-Driven Development Methodology
CAiSE '01 Proceedings of the 13th International Conference on Advanced Information Systems Engineering
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Model Checking Early Requirements Specifications in Tropos
RE '01 Proceedings of the Fifth IEEE International Symposium on Requirements Engineering
Modelling strategic relationships for process reengineering
Modelling strategic relationships for process reengineering
Architectural styles and the design of network-based software architectures
Architectural styles and the design of network-based software architectures
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
SP 800-19. Mobile Agent Security
SP 800-19. Mobile Agent Security
Countermeasures for mobile agent security
Computer Communications
CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
Modelling Trust Requirements by Means of a Visualization Language
REV '08 Proceedings of the 2008 Requirements Engineering Visualization
Conceptual Modeling: Foundations and Applications
Allocating goals to agent roles during MAS requirements engineering
AOSE'06 Proceedings of the 7th international conference on Agent-oriented software engineering VII
A Personal Data Audit Method through Requirements Engineering
Computer Standards & Interfaces
Information systems development: a trust ontology
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems - Volume Part I
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Capturing security requirements in business processes through a UML 2.0 activity diagrams profile
CoMoGIS'06 Proceedings of the 2006 international conference on Advances in Conceptual Modeling: theory and practice
Towards a UML 2.0 extension for the modeling of security requirements in business processes
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
ER'05 Proceedings of the 24th international conference on Conceptual Modeling
Idea: reusability of threat models – two approaches with an experimental evaluation
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Survey and analysis on Security Requirements Engineering
Computers and Electrical Engineering
A privacy framework for the personal web
The Personal Web
Hi-index | 0.00 |
Although security is a crucial issue for information systems, traditionally, it is considered after the definition of the system. This approach often leads to problems, which most of the times translate into security vulnerabilities. From the viewpoint of the traditional security paradigm, it should be possible to eliminate such problems through better integration of security and software engineering. This paper firstly argues for the need to develop a methodology that considers security as an integral part of the whole system development process, and secondly it contributes to the current state of the art by proposing an approach that considers security concerns as an integral part of the entire system development process and by relating this approach with existing work. The different stages of the approach are described with the aid of a real-life case study; a health and social care information system.