You are not logged in.

Capturing security requirements using essential use cases (EUCs)

Yahya, Syazwani, Kamalrudin, Massila, Sidek, Safiah and Grundy, John 2014, Capturing security requirements using essential use cases (EUCs). In Zowshi, Didar and Jin, Zhi (ed), Requirements engineering : first Asia Pacific Requirements Engineering Symposium, APRES 2014, Auckland, New Zealand, April 28-29, 2014, proceedings, Springer, Berlin, Germany, pp.16-30, doi: 10.1007/978-3-662-43610-3_2.

Attached Files
Name Description MIMEType Size Downloads

Title Capturing security requirements using essential use cases (EUCs)
Author(s) Yahya, Syazwani
Kamalrudin, Massila
Sidek, Safiah
Grundy, JohnORCID iD for Grundy, John orcid.org/0000-0003-4928-7076
Title of book Requirements engineering : first Asia Pacific Requirements Engineering Symposium, APRES 2014, Auckland, New Zealand, April 28-29, 2014, proceedings
Editor(s) Zowshi, Didar
Jin, Zhi
Publication date 2014
Chapter number 2
Total chapters 16
Start page 16
End page 30
Total pages 15
Publisher Springer
Place of Publication Berlin, Germany
Keyword(s) Software Engineering
Requirements Capturing
Security Requirements
Secure Software Development
Essential Use Case (EUC)
Summary Capturing security requirements is a complex process, but it is crucial to the success of a secure software product. Hence, requirements engineers need to have security knowledge when eliciting and analyzing the security requirements from business requirements. However, the majority of requirements engineers lack such knowledge and skills, and they face difficulties to capture and understand many security terms and issues. This results in capturing inaccurate, inconsistent and incomplete security requirements that in turn may lead to insecure software systems. In this paper, we describe a new approach of capturing security requirements using an extended Essential Use Cases (EUCs) model. This approach enhances the process of capturing and analyzing security requirements to produce accurate and complete requirements. We have evaluated our prototype tool using usability testing and assessment of the quality of our generated EUC security patterns by security engineering experts.
ISBN 9783662436097
ISSN 1865-0929
Language eng
DOI 10.1007/978-3-662-43610-3_2
Field of Research 080309 Software Engineering
Socio Economic Objective 890202 Application Tools and System Utilities
HERDC Research category B1.1 Book chapter
ERA Research output type B Book chapter
Copyright notice ©2014, Springer
Persistent URL http://hdl.handle.net/10536/DRO/DU:30081808

Document type: Book Chapter
Collections: School of Information Technology
ERA Postprints
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 0 times in TR Web of Science
Scopus Citation Count Cited 3 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 139 Abstract Views, 9 File Downloads  -  Detailed Statistics
Created: Tue, 01 Mar 2016, 11:50:09 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.