Building secure systems is difficult for many reasons. This paper deals with two of the main challenges: (i) the lack of security expertise in development teams, and (ii) the inadequacy of existing methodologies to support developers who are not security experts. The security standard ISO 14508 (Common Criteria) together with secure design techniques such as UMLsec can provide the security expertise, knowledge, and guidelines that are needed. However, security expertise and guidelines are not stated explicitly in the Common Criteria. They are rather phrased in security domain terminology and difficult to understand for developers. This means that some general security and secure design expertise are required to fully take advantage of the C...
Software Engineering has established techniques, methods and technology over two decades. However, d...
Security is often neglected during requirements elicitation, which leads to tacked-on designs, vulne...
Defining security requirements is the important first step in designing, implementing and evaluating...
The goal of SecReq [2] is to assist all steps in security requirements elicitation, as well as provi...
Despite the acknowledged need for systems to be both us- able and secure, we lack guidance on how d...
Despite the acknowledged need for systems to be both usable and secure, we lack guidance on how deve...
This paper presents a framework for security requirements elicitation and analysis. The framework is...
AbstractSecurity is often an afterthought during software development. Realizing security early, esp...
This paper presents a framework for security requirements elicitation and analysis, based upon the ...
Security is today considered as a basic foundation in software development and therefore, the modell...
The aim of this paper is to provide better support for the development of secure systems. We argue t...
Context & motivation: More and more software projects today are security-related in one way or the o...
The quest for designing secure and trusted software has led to refined Software Engineering methodol...
UnrestrictedResearch experience shows that security needs to be considered from the beginning of sof...
There has been a growing concern on the importance of security with the rise of phenomena, such as e...
Software Engineering has established techniques, methods and technology over two decades. However, d...
Security is often neglected during requirements elicitation, which leads to tacked-on designs, vulne...
Defining security requirements is the important first step in designing, implementing and evaluating...
The goal of SecReq [2] is to assist all steps in security requirements elicitation, as well as provi...
Despite the acknowledged need for systems to be both us- able and secure, we lack guidance on how d...
Despite the acknowledged need for systems to be both usable and secure, we lack guidance on how deve...
This paper presents a framework for security requirements elicitation and analysis. The framework is...
AbstractSecurity is often an afterthought during software development. Realizing security early, esp...
This paper presents a framework for security requirements elicitation and analysis, based upon the ...
Security is today considered as a basic foundation in software development and therefore, the modell...
The aim of this paper is to provide better support for the development of secure systems. We argue t...
Context & motivation: More and more software projects today are security-related in one way or the o...
The quest for designing secure and trusted software has led to refined Software Engineering methodol...
UnrestrictedResearch experience shows that security needs to be considered from the beginning of sof...
There has been a growing concern on the importance of security with the rise of phenomena, such as e...
Software Engineering has established techniques, methods and technology over two decades. However, d...
Security is often neglected during requirements elicitation, which leads to tacked-on designs, vulne...
Defining security requirements is the important first step in designing, implementing and evaluating...