Security requirements are a fundamental ingredient for an information system's quality. Despite their importance, security requirements play the role of a "stepchild" in software engineering. If considered at all they cover the technical dimension of information systems, i.e. the electronic part of information processing. This view is insufficient to deal with the requirements of the "real world", i.e. the organisational practice. It is not just the technical criteria which are decisive in specifying security requirements. We have extended these criteria to incorporate the social and the economic dimension of information exchange in organisations. We will illustrate this extension of traditional approaches in a comprehensive security framework and we will demonstrate the interaction of the additional security criteria with traditional approaches.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.