Applying a Security Requirements Engineering Process

Mellado, Daniel; Fernández‐Medina, Eduardo; Piattini, Mario

doi:10.1007/11863908_13

Cited by 50 publications

(27 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(l) Security requirements engineering framework (SREF) [32]: is based on constructing a context for the system using a problem-oriented notation to represent security requirements as constraints, and to develop and evaluate satisfaction arguments for the security requirements. (m) Security requirements engineering process (SREP) [18]: is an iterative and incremental process. Furthermore, SREP is asset-based, risk driven, and, following the Common Criteria (CC) supports the reuse of security requirements, as well as the reuse of knowledge on assets, threats, and countermeasures.…”

Section: The Security Requirements Engineering Methods Reviewedmentioning

confidence: 99%

A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering

Muñante

Chiprianov

Gallon

et al. 2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Part 1: Cross-Domain Conference and Workshop on Multidisciplinary Research and Practice for Information Systems (CD-ARES 2014): Software SecurityInternational audienceOne of the most important aspects that help improve the quality and cost of secure information systems in their early stages of the development lifecycle is Security Requirements Engineering (SRE). However, obtaining such requirements is non-trivial. One domain dealing also with eliciting security requirements is Risk Analysis (RA). Therefore, we perform a review of SRE methods in order to analyse which ones are compatible with RA processes. Moreover, the transition from these early security requirements to security policies at later stages in the lifecycle is generally non-automatic, informal and incomplete. To deal with such issues, model-driven engineering (MDE) uses formal models and automatic model transformations. Therefore, we also review which SRE methods are compatible with MDE approaches. Consequently, our review is based on criteria derived partially from existing survey works, further enriched and specialized in order to evaluate the compatibility of SRE methods with the disciplines of RA and MDE. It summarizes the evidence regarding this issue so as to improve understanding and facilitate evaluating and selecting SRE methods

show abstract

Section: The Security Requirements Engineering Methods Reviewedmentioning

confidence: 99%

A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering

Muñante

Chiprianov

Gallon

et al. 2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Many techniques have been proposed, including SQUARE [5,34], SREP [35,36], CLASP [40], misuse cases [33,47], and security patterns [27,45,48]. Related implementations have seen great success in practice, e.g., Microsoft uses the Security Development Lifecycle (SDL) for the development of their software that must withstand attacks [32], and Oracle has developed OSSA for the secure software development of their products [41].…”

Section: Kirin Security Rulesmentioning

confidence: 99%

On lightweight mobile phone application certification

Enck

Ongtang

McDaniel

2009

Proceedings of the 16th ACM Conference on Computer and Communications Security

753

451

View full text Add to dashboard Cite

Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.

show abstract

“…In [10] as a tabular method we chose SREP [6] proposed by University of Castilla-La Mancha and used by CMU Software Engineering Institute in their tutorials. The participants worked in groups of two and conducted SRA of four security tasks from SmartGrid scenario using both methods.…”

Section: Retrospective Analysismentioning

confidence: 99%

“…Industry opts for tabular models like OCTAVE [4], ISO 27005 and NIST 800-30. Microsoft STRIDE [5] is the exception on the industry side and SREP [6] is the exception on the academic side.…”

Section: Introductionmentioning

confidence: 99%

On the Equivalence Between Graphical and Tabular Representations for Security Risk Assessment

Labunets

Massacci

Paci

2017

Requirements Engineering: Foundation for Software Quality

View full text Add to dashboard Cite

Abstract.[Context] Many security risk assessment methods are proposed both in academia (typically with a graphical notation) and industry (typically with a tabular notation).[Question] We compare methods based on those two notations with respect to their actual and perceived efficacy when both groups are equipped with a domain-specific security catalogue (as typically available in industry risk assessments).[Results] Two controlled experiments with MSc students in computer science show that tabular and graphical methods are (statistically) equivalent in quality of identified threats and security controls. In the first experiment the perceived efficacy of tabular method was slightly better than the graphical one, and in the second experiment two methods are perceived as equivalent.[Contribution] A graphical notation does not warrant by itself better (security) requirements elicitation than a tabular notation in terms of the quality of actually identified requirements.

show abstract

Applying a Security Requirements Engineering Process

Cited by 50 publications

References 11 publications

A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering

A Review of Security Requirements Engineering Methods with Respect to Risk Analysis and Model-Driven Engineering

On lightweight mobile phone application certification

On the Equivalence Between Graphical and Tabular Representations for Security Risk Assessment

Contact Info

Product

Resources

About