Practical software metrics for project management and process improvement
Practical software metrics for project management and process improvement
Dealing with non-functional requirements: three experimental studies of a process-oriented approach
Proceedings of the 17th international conference on Software engineering
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Evaluation of modeling techniques for agent-based systems
Proceedings of the fifth international conference on Autonomous agents
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Model driven security for process-oriented systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
The Rational Unified Process: An Introduction
The Rational Unified Process: An Introduction
Security-Critical System Development with Extended Use Cases
APSEC '03 Proceedings of the Tenth Asia-Pacific Software Engineering Conference Software Engineering Conference
RUP-based process model for security requirements engineering in value-added service development
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
A product line enhanced unified process
SPW/ProSim'06 Proceedings of the 2006 international conference on Software Process Simulation and Modeling
Hi-index | 0.00 |
Nowadays, one of the main challenges facing computer systems is increasing attacks and security threats against them. Therefore, capturing, analyzing, designing, developing and testing of security requirements have became an important issue in development of security-critical computing systems, such as banking, military and ecommerce systems. For developing every system, a process model is chosen. The Rational Unified Process (RUP) is one of the most popular and complete process models which has been used by developers in recent years. Our study and analysis has shown that RUP should be extended for developing security-critical systems. In this paper, we report our work on extending Business Modeling and Requirements disciplines of RUP for developing secure systems. We call this extended version of RUP as RUPSec. The proposed extensions in RUPSec are adding and integrating a number of Activities, Roles, and Artifacts to RUP in order to capture, document and model threats and security requirements.