One of the most important aspects of achieving secure software systems in the software development process is what is known as Security Requirements Engineering. However, very few reviews focus on this theme in a systematic, thorough and unbiased manner; that is, none of them performs a systematic review of security requirements engineering, and there is therefore no sufficiently good context in which to operate. In this paper we carry out a systematic review of the existing literature concerning security requirements engineering in order to summarize the evidence regarding this issue and to provide a framework/background in which to appropriately position new research activities.