A framework for security requirements engineering

@inproceedings{Haley2006AFF,
  title={A framework for security requirements engineering},
  author={Charles B. Haley and J. Moffett and Robin C. Laney and B. Nuseibeh},
  booktitle={SESS '06},
  year={2006}
}
  • Charles B. Haley, J. Moffett, +1 author B. Nuseibeh
  • Published in SESS '06 2006
  • Computer Science
  • This paper presents a framework for security requirements elicitation and analysis, based upon the construction of a context for the system and satisfaction arguments for the security of the system. [...] Key Method The system context is described using a problem-centered notation, then this context is validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and a…Expand Abstract
    170 Citations

    Figures and Topics from this paper

    Security Requirements Engineering: A Framework for Representation and Analysis
    • 423
    • PDF
    A Framework for Security Requirements Elicitation
    • 2
    • Highly Influenced
    • PDF
    A MODEL BASED SECURITY REQUIREMENTS ENGINEERING FRAMEWORK
    • 6
    A model based security requirements engineering framework applied for online trading system
    • P. Salini, S. Kanmani
    • Computer Science
    • 2011 International Conference on Recent Trends in Information Technology (ICRTIT)
    • 2011
    • 13
    A comparison of security requirements engineering methods
    • 219
    • PDF
    Core Security Requirements Artefacts
    • 62
    • PDF
    Capturing security requirements for software systems
    • 20
    • PDF
    A scenario-based framework for the security evaluation of software architecture
    • 24
    Contextualizing Security Goals: A Method for Multilateral Security Requirements Elicitation
    • 24
    • PDF

    References

    SHOWING 1-6 OF 6 REFERENCES
    Elaborating security requirements by construction of intentional anti-models
    • A. V. Lamsweerde
    • Engineering, Computer Science
    • Proceedings. 26th International Conference on Software Engineering
    • 2004
    • 452
    • Highly Influential
    • PDF
    Applying Security Design Analysis to a service‐based system
    • 16
    • Highly Influential
    Security and privacy requirements analysis within a social setting
    • L. Liu, E. Yu, J. Mylopoulos
    • Computer Science
    • Proceedings. 11th IEEE International Requirements Engineering Conference, 2003.
    • 2003
    • 419
    • Highly Influential
    • PDF
    Requirements Engineering: Processes and Techniques
    • 1,734
    • Highly Influential
    Problem Frames - Analysing and Structuring Software Development Problems
    • 631
    • Highly Influential
    • PDF
    Strategies for Developing Policies and Requirements for Secure E-Commerce Systems
    • In E- Commerce Security and Privacy,
    • 2001