UNSPECIFIED (2014) Capturing Security Requirements Using Essential Use Cases (EUCs). In: UNSPECIFIED, (ed.) Communications in Computer and Information Science, Requirements Engineering. Springer Verlag.
Abstract
Capturing security requirements is a complex process, but it is crucial to the success of a secure software product. Hence, requirements engineers need to have security knowledge when eliciting and analyzing the security requirements from business requirements. However, the majority of requirements engineers lack such knowledge and skills, and they have difficulty capturing and understanding many security terms and issues. This results in capturing inaccurate, inconsistent and incomplete security requirements that in turn may lead to insecure software systems. In this paper, we describe a new approach to capturing security requirements using an extended Essential Use Cases (EUCs) model. This approach enhances the process of capturing and analyzing security requirements to produce accurate and complete requirements. We have evaluated our prototype tool using usability testing and assessment of the quality of our generated EUC security patterns by security engineering experts.
Item Type: | Book Chapter |
---|---|
Subjects: | Q Science > QA Mathematics > QA76 Computer software |
Divisions: | Faculty of Information and Communication Technology > Department of Software Engineering |
Depositing User: | Dr Massila Kamalrudin |
Date Deposited: | 11 Nov 2014 22:18 |
Last Modified: | 28 May 2015 04:33 |
URI: | http://eprints.utem.edu.my/id/eprint/13712 |