During the development of a software system, the process of requirements elicitation gathers both functional requirements (i.e., what the system should do) and nonfunctional requirements (i.e., what the system should be). Computer science and software engineering education have traditionally addressed the former more than the latter, because it is easier to test that functional requirements have been properly implemented. Within the category of nonfunctional requirements, the privacy requirements engineering process is less mature than that of security engineering, and underlying engineering principles can give little attention to privacy requirements. In this paper, we discuss how security and privacy requirements engineering can be taught as necessary aspects of software development. We suggest that the best way to harmonize security and privacy requirements is to link information systems experts with computer scientists with the goal of addressing the key issues that prevent systems from implementing effective security and privacy.