• Publications
  • Influence
Modeling security requirements through ownership, permission and delegation
Security requirements engineering is emerging as a branch of software engineering, spurred by the realization that security must be dealt with early on during the requirements phase. Methodologies inExpand
  • 247
  • 13
  • PDF
Requirements Engineering Meets Trust Management: Model, Methodology, and Reasoning
The last years have seen a number of proposals to incorporate Security Engineering into mainstream Software Requirements Engineering. However, capturing trust and security requirements at anExpand
  • 102
  • 9
  • PDF
A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities
Many security breaches occur because of exploitation of vulnerabilities within the system. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit toExpand
  • 102
  • 7
  • PDF
Requirements engineering for trust management: model, methodology, and reasoning
A number of recent proposals aim to incorporate security engineering into mainstream software engineering. Yet, capturing trust and security requirements at an organizational level, as opposed to anExpand
  • 111
  • 5
  • PDF
Towards the development of privacy-aware systems
Privacy and data protection are pivotal issues in nowadays society. They concern the right to prevent the dissemination of sensitive or confidential information of individuals. Many studies have beenExpand
  • 129
  • 5
  • PDF
Using a security requirements engineering methodology in practice: The compliance with the Italian data protection legislation
Extending Requirements Engineering modelling and formal analysis methodologies to cope with Security Requirements has been a major effort in the past decade. Yet, only few works describe complex caseExpand
  • 101
  • 5
  • PDF
A reference model for reputation systems
Recent advances in ICT have led to a vast and expeditious development of e-services and technology. Trust is a fundamental aspect for the acceptance and adoption of these new services. Reputation isExpand
  • 61
  • 5
  • PDF
Controlling Break-the-Glass through Alignment
Modern IT systems have to deal with unpredictable situations and exceptions more and more often. In contrast, security mechanisms are usually very rigid. Functionality like break-the-glass is thusExpand
  • 31
  • 5
  • PDF
Survey on Access Control for Community-Centered Collaborative Systems
The last decades have seen a growing interest and demand for community-centered collaborative systems and platforms. These systems and platforms aim to provide an environment in which users canExpand
  • 31
  • 5
  • PDF
Security and Trust Requirements Engineering
Integrating security concerns throughout the whole software development process is one of today's challenges in software and requirements engineering research. A challenge that so far has provedExpand
  • 74
  • 4
  • PDF