The unified software development process
The unified software development process
Requirements Classification and Reuse: Crossing Domain Boundaries
ICSR-6 Proceedings of the 6th International Conerence on Software Reuse: Advances in Software Reusability
Proceedings of the 25th International Conference on Software Engineering
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
A CC-based Security Engineering Process Evaluation Model
COMPSAC '03 Proceedings of the 27th Annual International Conference on Computer Software and Applications
Security-Critical System Development with Extended Use Cases
APSEC '03 Proceedings of the Tenth Asia-Pacific Software Engineering Conference Software Engineering Conference
Security quality requirements engineering (SQUARE) methodology
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Computer Standards & Interfaces
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Computer Standards & Interfaces
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Analysis of Secure Mobile Grid Systems: A systematic approach
Information and Software Technology
A systematic review of security requirements engineering
Computer Standards & Interfaces
A Personal Data Audit Method through Requirements Engineering
Computer Standards & Interfaces
Reusing security requirements using an extended quality model
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
A meta-model for usable secure requirements engineering
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
Security requirements engineering framework for software product lines
Information and Software Technology
A comparison of software design security metrics
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Controlling security of software development with multi-agent system
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part IV
Idea: simulation based security requirement verification for transaction level models
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Identification of security requirements in systems of systems by functional security analysis
Architecting dependable systems VII
A conceptual meta-model for secured information systems
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Applying a security requirements engineering process
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Requirements engineering tools: Capabilities, survey and assessment
Information and Software Technology
Survey and analysis on Security Requirements Engineering
Computers and Electrical Engineering
Security and reliability requirements for advanced security event management
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
A framework to support selection of cloud providers based on security and privacy requirements
Journal of Systems and Software
Hi-index | 0.00 |
In order to develop security critical Information Systems, specifying security quality requirements is vitally important, although it is a very difficult task. Fortunately, there are several security standards, like the Common Criteria (ISO/IEC 15408), which help us handle security requirements. This article will present a Common Criteria centred and reuse-based process that deals with security requirements at the early stages of software development in a systematic and intuitive way, by providing a security resources repository as well as integrating the Common Criteria into the software lifecycle, so that it unifies the concepts of requirements engineering and security engineering.