Analysis and component-based realization of security requirements

ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings

Volumn , Issue , 2008, Pages 195-203

  Hatebur, Denis ^a,b   Heisel, Maritta ^a   Schmidt, Holger ^a  

^a UNIVERSITY OF DUISBURG ESSEN   (Germany)

^b ITESYS Institute for Technical Systems GmbH   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

PROCESS ENGINEERING; TECHNOLOGY;

COMPONENT-BASED; DESIGN PHASE; INTERNATIONAL CONFERENCES; SECURE SOFTWARE; SECURITY REQUIREMENTS; SECURITY REQUIREMENTS ENGINEERING; SECURITY SOFTWARE; SOFTWARE DEVELOPERS;

SOFTWARE DESIGN;

EID: 49049087976     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2008.27     Document Type: Conference Paper

References (15)

1. P. Bresciani, P. Giorgini, F. Giunchiglia, J. Mylopoulos, and A. Perini. Tropos: An agent-oriented software development methodology. Journal of Autonomous Agents and Multi-Agent Systems, Kluwer Academic Publishers Volume 8, Issue 3:203-236, May 2004.
2. E. B. Fernandez, D. L. la Red M., J. Forneron, V. E. Uribe, and G. Rodriguez. A secure analysis pattern for handling legal cases. to be published in: SugarLoafPLoP'2007-6th Latin America Conference on Pattern Languages of Programming, http://sugarloafplop.dsc.upe.br/wwD.zip, 2007.
3. U. R. T. Force. OMG Unified Modeling Language: Superstructure, August 2005. http://www.uml.org.
4. S. F. Gürses, J. H. Jahnke, C. Obry, A. Onabajo, T. San-ten, and M. Price. Eliciting confidentiality requirements in practice. In CASCON '05: Proceedings of the 2005 conference of the Centre for Advanced Studies on Collaborative research, pages 101-116. IBM Press, 2005.
5. C. B. Haley, J. D. Moffett, R. Laney, and B. Nuseibeh. A framework for security requirements engineering. In SESS '06: Proceedings of the 2006 international workshop on Software engineering for secure systems, pages 35-42, New York, NY, USA, 2006. ACM Press.
6. D. Hatebur, M. Heisel, and H. Schmidt. Security engineering using problem frames. In G. Müller, editor, Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS), LNCS 3995, pages 238-253. Springer-Verlag, 2006.
7. D. Hatebur, M. Heisel, and H. Schmidt. A pattern system for security requirements engineering. In Proceedings of the International Conference on Availability, Reliability and Security (AReS), pages 356-365. IEEE, 2007.
8. D. Hatebur, M. Heisel, and H. Schmidt. A security engineering process based on patterns. In Proceedings of the International Workshop on Secure Systems Methodologies using Patterns (SPatterns), pages 734-738. IEEE, 2007.
9. M. Jackson. Problem Frames. Analyzing and structuring software development problems. Addison-Wesley, 2001.
10. A. Lanoix, D. Hatebur, M. Heisel, and J. Souquières. Enhancing dependability of component-based systems. In N. Abdennadher and F. Kordon, editors, Reliable Software Technologies - Ada Europe 2007, LNCS 4498, pages 41-54. Springer-Verlag, 2007.
11. L. Lin, B. Nuseibeh, D. Ince, M. Jackson, and J. Moffett. Introducing abuse frames for analysing security requirements. In Proceedings of 11th IEEE International Requirements Engineering Conference (RE'03), pages 371-372, 2003. Poster Paper.
12. H. Mouratidis and P. Giorgini. Secure tropos: A security-oriented extension of the tropos methodology. International Journal of Software Engineering and Knowledge Engineering, World Scientific 17(2):285-309, 2007.
13. G. Popp, J. Jurjens, G. Wimmel, and R. Breu. Security-critical system development with extended use cases. In APSEC, pages 478-487, 2003.
14. M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, and P. Sommerlad. Security Patterns: Integrating Security and Systems Engineering. Wiley & Sons, 2005.
15. A. van Lamsweerde, S. Brohez, R. De Landtsheer, and D. Janssens. From system goals to intruder anti-goals: Attack generation and resolution for security requirements engineering. In Proceedings of the RE'03 Workshop on Requirements for High Assurance Systems (RHAS), pages 49-56, September 2003.