Writing Secure Code
Identifying Security Aspects in Early Development Stages
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Eliciting Security Requirements through Misuse Activities
DEXA '08 Proceedings of the 2008 19th International Conference on Database and Expert Systems Application
Applicability of security patterns
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
| Hi-index | 0.00 |
Although security requirements analysis plays a very significant role in secure software development, it is difficult since it requires much security expertise and man-power. Plain and practical security requirements patterns are needed. We have presented a visualized analysis approach for eliciting security requirements by extending misuse cases, and found that some of its results can be pattern candidates. This paper proposes 8 new web security requirements patterns with our analysis approach. The proposed patterns give analysts a way to find a proper pattern for a specific security goal. They are related to security solutions, and also produce some security design possibilities. We have applied these patterns to some case studies and evaluated that they are effective for web security analysis.