By Topic

A Security Requirements Engineering Process in Practice

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
3 Author(s)

Security requirements for the IT-systems are being more and more complicated due to the scale-spreading, diversification and connectivity of them, therefore it is very difficult to make an Information System secure. Without a systematic process or methodology security requirements are often retrofitted late in the development process or pursed separately from functional design. A real case study is shown in this paper demonstrating how security requirements can be obtained in a guided, intuitive and systematic way together with the other requirements and since the early stages of the software development process by applying our proposed security requirements engineering process, called SREP, which is based on providing a security resources repository and on integrating the Common Criteria into the software development lifecycle.

Published in:

Latin America Transactions, IEEE (Revista IEEE America Latina)  (Volume:5 ,  Issue: 4 )