The unified software development process
The unified software development process
Requirements Engineering: Processes and Techniques
Requirements Engineering: Processes and Techniques
Developing an enterprise information security policy
SIGUCCS '02 Proceedings of the 30th annual ACM SIGUCCS conference on User services
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Towards Modeling and Reasoning Support for Early-Phase Requirements Engineering
RE '97 Proceedings of the 3rd IEEE International Symposium on Requirements Engineering
Security-Critical System Development with Extended Use Cases
APSEC '03 Proceedings of the Tenth Asia-Pacific Software Engineering Conference Software Engineering Conference
Computer Standards & Interfaces
Computer Standards & Interfaces
Automatic translation form requirements model into use cases modeling on UML
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
A Model-Driven Approach for the Specification and Analysis of Access Control Policies
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Common criteria compliant software development (CC-CASD)
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Adaptable, model-driven security engineering for SaaS cloud-based applications
Automated Software Engineering
Hi-index | 0.00 |
Nowadays, security solutions are mainly focused on providing security defences, instead of solving one of the main reasons for security problems that refers to an appropriate Information Systems (IS) design. In fact, requirements engineering often neglects enough attention to security concerns. In this paper it will be presented a case study of our proposal, called SREP (Security Requirements Engineering Process), which is a standard-centred process and a reuse-based approach which deals with the security requirements at the earlier stages of software development in a systematic and intuitive way by providing a security resources repository and by integrating the Common Criteria into the software development lifecycle. In brief, a case study is shown in this paper demonstrating how the security requirements for a security critical IS can be obtained in a guided and systematic way by applying SREP.