Deriving security requirements from crosscutting threat descriptions

  title={Deriving security requirements from crosscutting threat descriptions},
  author={Charles B. Haley and Robin C. Laney and B. Nuseibeh},
  booktitle={AOSD '04},
  • Charles B. Haley, Robin C. Laney, B. Nuseibeh
  • Published in AOSD '04 2004
  • Computer Science
  • It is generally accepted that early determination of the stakeholder requirements assists in the development of systems that better meet the needs of those stakeholders. General security requirements frustrate this goal because it is difficult to determine how they affect the functional requirements of the system.This paper illustrates how representing threats as crosscutting concerns aids in determining the effect of security requirements on the functional requirements. Assets (objects that… CONTINUE READING
    105 Citations

    Figures and Topics from this paper

    Maintaining Security Requirements of Software Systems Using Evolving Crosscutting Dependencies
    • 1
    • PDF
    Core Security Requirements Artefacts
    • 62
    • PDF
    A Model for Structuring and Reusing Security Requirements Sources and Security Requirements
    • 9
    • PDF
    Aspect-oriented specification of threat-driven security requirements
    • 9
    • PDF
    An Aspect-Oriented Approach to Security Requirements Analysis
    • D. Xu, V. Goel, K. Nygard
    • Engineering, Computer Science
    • 30th Annual International Computer Software and Applications Conference (COMPSAC'06)
    • 2006
    • 18
    Capturing security requirements for software systems
    • 20
    • Highly Influenced
    • PDF
    • 6
    Formality of the Security Specification Process: Benefits Beyond Requirements
    • 3
    • PDF
    A model based security requirements engineering framework applied for online trading system
    • P. Salini, S. Kanmani
    • Computer Science
    • 2011 International Conference on Recent Trends in Information Technology (ICRTIT)
    • 2011
    • 13
    Towards Developing Secure Software Using Problem-Oriented Security Patterns
    • 2
    • PDF


    Trust Management Tools for Internet Applications
    • 173
    • Highly Influential
    • PDF
    Building Secure Software: How to Avoid Security Problems the Right Way
    • 2001
    Four Dark Comers of Requirements Engineering
    • A CM Transactions on Software Engineering and Methodology 6(1), Jan, 1997: pp. 1-30. 121
    • 1997