A Requirements Engineering-based Approach for evaluating Security Requirements Engineering Methodologies
| Autor: | Abdelmalek Benzekri, Ahmad Samer Wazan, Francois Barrere, Romain Laborde, Sravani Teja Bulusu |
|---|---|
| Přispěvatelé: | Institut National Polytechnique de Toulouse - Toulouse INP (FRANCE), Centre National de la Recherche Scientifique - CNRS (FRANCE), Université Toulouse III - Paul Sabatier - UT3 (FRANCE), Université Toulouse - Jean Jaurès - UT2J (FRANCE), Université Toulouse 1 Capitole - UT1 (FRANCE) |
| Jazyk: | angličtina |
| Rok vydání: | 2018 |
| Předmět: |
Requirements engineering
Network security business.industry Computer science Multitude Système d'exploitation Réseaux et télécommunications 020207 software engineering Context (language use) 02 engineering and technology Security critical systems Security requirements engineering Systèmes embarqués Work (electrical) Risk analysis (engineering) Architectures Matérielles 020204 information systems 0202 electrical engineering electronic engineering information engineering Evaluation methodology KAOS business |
| Zdroj: | Advances in Intelligent Systems and Computing ISBN: 9783319770277 |
| Popis: | The significance of security requirements in building safety and security critical systems is widely acknowledged. However, given the multitude of security requirements engineering methodologies that exists today, selecting the best suitable methodology remains challenging. In a previous work, we proposed a generic evaluation methodology to elicit and evaluate the anticipated characteristics of a security requirements engineering methodology with regards to the stakeholders' working context. In this article, we provide the empirical evaluation of three security requirements engineering methodologies KAOS, STS and SEPP with respect to the evaluation criteria elicited for network SRE context. The study show that none of them provide good support to derive network security requirements. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|