Security Requirements Engineering is an emerging field which lies at the crossroads of Security and Software Engineering. Much research has focused on this field in recent years, spurred by the realization that security must be dealt with in the earliest phases of the software development process as these phases cover a broader organizational perspective. Agent-oriented methodologies have proved to be especially useful in this setting as they support the modeling of the social context in which the system-to-be will operate. In our previous work, we proposed the SI* modeling language to deal with security and trust, and the Secure Tropos methodology for designing secure software systems. Since then, both have been revised and refined in ligh...