The security requirements specification (SRS) is an integral aspect of the development of secured information systems and entails the formal documentation of the security needs of a system in a correct and consistent way. However, in many cases there is lack of sufficiently experienced security experts or security requirements (SR) engineer within an organization, which limits the quality of SR that are specified. This paper presents an approach that leverages ontologies and requirements boilerplates in order to alleviate the effect of lack of highly experienced personnel for SRS. It also offers a credible starting point for the SRS process. A preliminary evaluation of the tool prototype – ReqSec tool - was used to demonstrate the approac...
This paper addresses the issue of accommodating security requirements in application development. It...
Security concerns for physical, software and virtual worlds have captured the attention of researche...
Requirements engineering is the initial process of software development that critically determines t...
The task of specifying and managing security requirements (SR) is a challenging one. Usually SR are ...
International audienceSecurity is an important issue that needs to be taken into account at all stag...
Attaining high quality in security requirements specification requires first-rate professional exper...
Despite existing methodologies in the field, most requirements engineers are poorly trained to defin...
International audienceDespite existing methodologies in the field, most requirements engineers are p...
Critical software vulnerabilities are often caused by incorrect, vague, or missing security requirem...
Software Requirement Specification (SRS) is frequently evolving to reflect requirements change durin...
In recent years, security in Information Systems (IS) has become an important issue, and needs to be...
Security requirements managers aim at eliciting, reusing and keeping their sets of requirements. The...
Well-defined and unambiguous security requirements are essential for developing secure software syst...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
Usually, the security requirements are addressed by abstracting the security problems arising in a s...
This paper addresses the issue of accommodating security requirements in application development. It...
Security concerns for physical, software and virtual worlds have captured the attention of researche...
Requirements engineering is the initial process of software development that critically determines t...
The task of specifying and managing security requirements (SR) is a challenging one. Usually SR are ...
International audienceSecurity is an important issue that needs to be taken into account at all stag...
Attaining high quality in security requirements specification requires first-rate professional exper...
Despite existing methodologies in the field, most requirements engineers are poorly trained to defin...
International audienceDespite existing methodologies in the field, most requirements engineers are p...
Critical software vulnerabilities are often caused by incorrect, vague, or missing security requirem...
Software Requirement Specification (SRS) is frequently evolving to reflect requirements change durin...
In recent years, security in Information Systems (IS) has become an important issue, and needs to be...
Security requirements managers aim at eliciting, reusing and keeping their sets of requirements. The...
Well-defined and unambiguous security requirements are essential for developing secure software syst...
This paper presents a model for structuring and reusing security requirements sources. The model ser...
Usually, the security requirements are addressed by abstracting the security problems arising in a s...
This paper addresses the issue of accommodating security requirements in application development. It...
Security concerns for physical, software and virtual worlds have captured the attention of researche...
Requirements engineering is the initial process of software development that critically determines t...