Requirements and Specification Exemplars
Automated Software Engineering
Towards requirements-driven information systems engineering: the Tropos project
Information Systems - The 13th international conference on advanced information systems engineering (CAiSE*01)
Deriving Use Cases from Organizational Modeling
RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
Tropos: An Agent-Oriented Software Development Methodology
Autonomous Agents and Multi-Agent Systems
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Eliciting security requirements with misuse cases
Requirements Engineering
Modeling Security Requirements Through Ownership, Permission and Delegation
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Integrating software specifications into intrusion detection
International Journal of Information Security
Security Requirements Engineering: A Framework for Representation and Analysis
IEEE Transactions on Software Engineering
Alignment of Misuse Cases with Security Risk Management
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
CAiSE '08 Proceedings of the 20th international conference on Advanced Information Systems Engineering
A goal oriented approach for modeling and analyzing security trade-offs
ER'07 Proceedings of the 26th international conference on Conceptual modeling
Secure Systems Development with UML
Secure Systems Development with UML
Towards Model Transformation between SecureUML and UMLsec for Role-based Access Control
Proceedings of the 2011 conference on Databases and Information Systems VI: Selected Papers from the Ninth International Baltic Conference, DB&IS 2010
Towards a comprehensive framework for secure systems development
CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Seventh international workshop on software engineering for secure systems (SESS 2011)
Proceedings of the 33rd International Conference on Software Engineering
Hi-index | 0.00 |
(IS) requires that the security concerns should be properly articulated well ahead in early requirement engineering (RE) along with other functional and non-functional requirements. In this paper, based on the domain model for IS security risk management (SRM) we propose a set of transformation guidelines to translate Secure Tropos models to the misuse case diagrams. We believe that such a model translation would help developers to elicit real security needs by integrating the security analysis starting from early requirement stages to all the stages of development process. The translation aligns the IS security concerns with functional requirements and maintains traceability of the security decisions to their origin.