ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Systematic development of UMLsec design models based on security requirements
FASE'11/ETAPS'11 Proceedings of the 14th international conference on Fundamental approaches to software engineering: part of the joint European conferences on theory and practice of software
Connecting security requirements analysis and secure design using patterns and UMLsec
CAiSE'11 Proceedings of the 23rd international conference on Advanced information systems engineering
Security in the context of multi-agent systems
The 10th International Conference on Autonomous Agents and Multiagent Systems - Volume 3
Towards systematic integration of quality requirements into software architecture
ECSA'11 Proceedings of the 5th European conference on Software architecture
Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment
Information and Software Technology
MDSE@R: model-driven security engineering at runtime
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Modelling context-aware RBAC models for mobile business processes
International Journal of Wireless and Mobile Computing
Comparing attack trees and misuse cases in an industrial setting
Information and Software Technology
Secure Tropos framework for software product lines requirements engineering
Computer Standards & Interfaces
Hi-index | 0.00 |
Security of intelligent software systems is an important area of research. Although security is traditionally considered a technical issue; security is, in fact, a two-dimensional problem, which involves technical as well as social challenges. Goal-driven requirements engineering (GDRE) has been proposed in the literature as a suitable paradigm for the analysis of security issues and elicitation of security requirements at both the social and technical level. Nevertheless, there is lack of approaches, which would support the successful transformation of the elicited, using GDRE approaches, security requirements to design. This paper presents work that fills this gap. The presented approach, which is based on the integration of a goal-driven security requirements engineering (GDSRE) methodology and a model-based security engineering (MBSE) method, has some important features: (1) It provides a structured process to translate the results of the GDSRE method to a design, which satisfies these requirements; (2) it allows the simultaneous elicitation and analysis of the security requirements and the functional requirements of the system; (3) it allows consideration of both the social and the technical dimensions of the system's security; (4) it guides software engineers toward a design that is amenable to formal verification with the aid of automated tools. We demonstrate the applicability of the proposed approach at the hand of an application to the electronic purse standard common electronic purse specifications (released by Visa International and others). © 2010 Wiley Periodicals, Inc. Supported by the EU project secure change.