-
3
-
-
4344598248
-
Evaluating the effect of a delegated versus centralized control style on the maintainability of object-oriented software
-
Arisholm E., and Sjøberg D.I.K. Evaluating the effect of a delegated versus centralized control style on the maintainability of object-oriented software. IEEE Transactions on Software Engineering 30 (2004) 521-534
-
(2004)
IEEE Transactions on Software Engineering
, vol.30
, pp. 521-534
-
-
Arisholm, E.1
Sjøberg, D.I.K.2
-
4
-
-
0029253405
-
Specification and validation of a security policy model
-
Boswell A. Specification and validation of a security policy model. IEEE Transactions on Software Engineering 21 (1995) 63-68
-
(1995)
IEEE Transactions on Software Engineering
, vol.21
, pp. 63-68
-
-
Boswell, A.1
-
5
-
-
13644252156
-
-
Masters thesis, Department of Information Science, University of Bergen, Norway, Bergen
-
G.F. Breivik, Abstract Misuse Patterns - A new approach to security requirements, Masters thesis, Department of Information Science, University of Bergen, N-5020 Norway, Bergen, 2002.
-
(2002)
Abstract Misuse Patterns - A new approach to security requirements
-
-
Breivik, G.F.1
-
7
-
-
0036721855
-
Towards requirements-driven information systems engineering: the Tropos project
-
Castro J., Kolp M., and Mylopoulos J. Towards requirements-driven information systems engineering: the Tropos project. Information Systems 27 (2002) 356-389
-
(2002)
Information Systems
, vol.27
, pp. 356-389
-
-
Castro, J.1
Kolp, M.2
Mylopoulos, J.3
-
8
-
-
60949094533
-
Common Criteria for Information Technology Security Evaluation, Common Criteria Implementation Board
-
CCIMB, Technical Report, CCIMB-99-031
-
CCIMB, Common Criteria for Information Technology Security Evaluation, Common Criteria Implementation Board, Technical Report, CCIMB-99-031, 1999.
-
(1999)
-
-
-
9
-
-
55249087535
-
Perceived usefulness, perceived ease of use and user acceptance of information technology
-
Davis F.D. Perceived usefulness, perceived ease of use and user acceptance of information technology. MIS Quarterly 13 (1989) 319-340
-
(1989)
MIS Quarterly
, vol.13
, pp. 319-340
-
-
Davis, F.D.1
-
10
-
-
84905824485
-
A comparative evaluation of three approaches to specifying security requirements
-
Luxembourg
-
M.H. Diallo, J. Romero-Mariona, S.E. Sim, D.J. Richardson, A comparative evaluation of three approaches to specifying security requirements, in: Proceedings of the REFSQ'06, Luxembourg, 2006.
-
(2006)
Proceedings of the REFSQ'06
-
-
Diallo, M.H.1
Romero-Mariona, J.2
Sim, S.E.3
Richardson, D.J.4
-
11
-
-
60949103111
-
Integrating model-based security risk management into eBusiness systems development - the CORAS approach
-
Monteiro J.L., Swatman P.M.C., and Tavares L.V. (Eds), Kluwer, Lisbon, Portugal
-
Dimitrakos T., Ritchie B., Raptis D., Aagedal J.Ø., Braber F.d., Stølen K., and Houmb S.H. Integrating model-based security risk management into eBusiness systems development - the CORAS approach. In: Monteiro J.L., Swatman P.M.C., and Tavares L.V. (Eds). Proceedings of the 2nd IFIP Conference on E-Commerce, E-Business, E-Government (I3E'2002) (2003), Kluwer, Lisbon, Portugal 159-175
-
(2003)
Proceedings of the 2nd IFIP Conference on E-Commerce, E-Business, E-Government (I3E'2002)
, pp. 159-175
-
-
Dimitrakos, T.1
Ritchie, B.2
Raptis, D.3
Aagedal, J.Ø.4
Braber, F.d.5
Stølen, K.6
Houmb, S.H.7
-
12
-
-
27644587258
-
Do viewpoints lead to better conceptual models? An exploratory case study
-
Atlee J., and Rolland C. (Eds), IEEE, Paris
-
Easterbrook S., Yu E., Aranda J., Fan Y., Horkoff J., Leica M., and Qadir R.A. Do viewpoints lead to better conceptual models? An exploratory case study. In: Atlee J., and Rolland C. (Eds). Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE'05) (2005), IEEE, Paris 199-208
-
(2005)
Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE'05)
, pp. 199-208
-
-
Easterbrook, S.1
Yu, E.2
Aranda, J.3
Fan, Y.4
Horkoff, J.5
Leica, M.6
Qadir, R.A.7
-
13
-
-
60949085857
-
-
Masters thesis, Department of Computer and Information Science, NTNU, Trondheim, Norway
-
S. Ekremsvik, E.M. Tiset, Misbrukstilfeller - utprøving i praksis og evaluering av teknikk, Masters thesis, Department of Computer and Information Science, NTNU, Trondheim, Norway 2004.
-
(2004)
Misbrukstilfeller - utprøving i praksis og evaluering av teknikk
-
-
Ekremsvik, S.1
Tiset, E.M.2
-
18
-
-
85085406935
-
Matching attack patterns to security vulnerabilities in software-intensive system designs
-
Bruschi D., Win B.D., and Monga M. (Eds), IEEE, St. Louis
-
Gegick M., and Williams L. Matching attack patterns to security vulnerabilities in software-intensive system designs. In: Bruschi D., Win B.D., and Monga M. (Eds). Proceedings of the Software Engineering for Secure Systems (SESS'05) (2005), IEEE, St. Louis
-
(2005)
Proceedings of the Software Engineering for Secure Systems (SESS'05)
-
-
Gegick, M.1
Williams, L.2
-
19
-
-
0142156745
-
Requirements engineering meets security: a case study on modelling secure electronic transactions by VISA and Mastercard
-
Song I., Liddle S.W., Ling T.W., and Scheuermann P. (Eds), Springer-Verlag, Chicago
-
Giorgini P., Massacci F., and Mylopoulos J. Requirements engineering meets security: a case study on modelling secure electronic transactions by VISA and Mastercard. In: Song I., Liddle S.W., Ling T.W., and Scheuermann P. (Eds). Proceedings of the 22nd International Conference on Conceptual Modeling (ER'03), Lecture Notes in Computer Science vol. 2813 (2003), Springer-Verlag, Chicago 263-276
-
(2003)
Proceedings of the 22nd International Conference on Conceptual Modeling (ER'03), Lecture Notes in Computer Science
, vol.2813
, pp. 263-276
-
-
Giorgini, P.1
Massacci, F.2
Mylopoulos, J.3
-
20
-
-
24944578244
-
Modelling security requirements through ownership, permission, and delegation
-
Atlee J., and Rolland C. (Eds), IEEE, Paris
-
Giorgini P., Massacci F., Mylopoulos J., and Zannone N. Modelling security requirements through ownership, permission, and delegation. In: Atlee J., and Rolland C. (Eds). Proceedings of the 13th International Requirements Engineering Conference (2005), IEEE, Paris 167-176
-
(2005)
Proceedings of the 13th International Requirements Engineering Conference
, pp. 167-176
-
-
Giorgini, P.1
Massacci, F.2
Mylopoulos, J.3
Zannone, N.4
-
21
-
-
0036149234
-
Correctness by construction: developing a commercial secure system
-
Hall A., and Chapman R. Correctness by construction: developing a commercial secure system. IEEE Software 19 (2002) 18-25
-
(2002)
IEEE Software
, vol.19
, pp. 18-25
-
-
Hall, A.1
Chapman, R.2
-
22
-
-
60949093361
-
-
W.G. Hopkins, A New View of Statistics, University of Queensland, Australia, Technical Report, 2001.
-
W.G. Hopkins, A New View of Statistics, University of Queensland, Australia, Technical Report, 2001.
-
-
-
-
24
-
-
79955163100
-
UMLsec: extending UML for secure systems development
-
Jezequel J.M., Haussmann H., and Cook S. (Eds), Springer, Dresden, Germany
-
Jürjens J. UMLsec: extending UML for secure systems development. In: Jezequel J.M., Haussmann H., and Cook S. (Eds). Proceedings of the Unified Modeling Language, 5th International Conference (UML 2002), Lecture Notes in Computer Science vol. 2460 (2002), Springer, Dresden, Germany 412-425
-
(2002)
Proceedings of the Unified Modeling Language, 5th International Conference (UML 2002), Lecture Notes in Computer Science
, vol.2460
, pp. 412-425
-
-
Jürjens, J.1
-
26
-
-
33750302858
-
Adopting a situational requirements engineering approach for the analysis of civil aviation security standards
-
Laleau R., Vignes S., Ledru Y., Lemoine M., Bert D., Donzeau-Gouge V., Dubois C., and Peureux F. Adopting a situational requirements engineering approach for the analysis of civil aviation security standards. Software Process: Improvement and Practice 11 (2006) 487-503
-
(2006)
Software Process: Improvement and Practice
, vol.11
, pp. 487-503
-
-
Laleau, R.1
Vignes, S.2
Ledru, Y.3
Lemoine, M.4
Bert, D.5
Donzeau-Gouge, V.6
Dubois, C.7
Peureux, F.8
-
28
-
-
17044394774
-
Using abuse frames to bound the scope of security problems
-
Maiden N.A.M. (Ed), IEEE, Kyoto, Japan
-
Lin L., Nuseibeh B., Ince D., and Jackson M. Using abuse frames to bound the scope of security problems. In: Maiden N.A.M. (Ed). Proceedings of the 12th IEEE International Requirements Engineering Conference (RE'04) (2004), IEEE, Kyoto, Japan
-
(2004)
Proceedings of the 12th IEEE International Requirements Engineering Conference (RE'04)
-
-
Lin, L.1
Nuseibeh, B.2
Ince, D.3
Jackson, M.4
-
29
-
-
84942866002
-
Security and privacy requirements analysis within a social setting
-
IEEE Press, Monterey Bay, CA
-
Liu L., Yu E., and Mylopoulos J. Security and privacy requirements analysis within a social setting. Proceedings of the 11th International Requirements Engineering Conference (RE'03) (2003), IEEE Press, Monterey Bay, CA 151-160
-
(2003)
Proceedings of the 11th International Requirements Engineering Conference (RE'03)
, pp. 151-160
-
-
Liu, L.1
Yu, E.2
Mylopoulos, J.3
-
30
-
-
79955143136
-
SecureUML: a UML-based modeling language for model-driven security
-
Jezequel J.M., Haussmann H., and Cook S. (Eds), Springer, Dresden, Germany
-
Lodderstedt T., Basin D., and Doser J. SecureUML: a UML-based modeling language for model-driven security. In: Jezequel J.M., Haussmann H., and Cook S. (Eds). Proceedings of the Unified Modeling Language, 5th International Conference (UML 2002), Lecture Notes in Computer Science vol. 2460 (2002), Springer, Dresden, Germany 426-441
-
(2002)
Proceedings of the Unified Modeling Language, 5th International Conference (UML 2002), Lecture Notes in Computer Science
, vol.2460
, pp. 426-441
-
-
Lodderstedt, T.1
Basin, D.2
Doser, J.3
-
31
-
-
17744386721
-
Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation
-
Massacci F., Prest M., and Zannone N. Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation. Computer Standards and Interfaces 27 (2005) 445-455
-
(2005)
Computer Standards and Interfaces
, vol.27
, pp. 445-455
-
-
Massacci, F.1
Prest, M.2
Zannone, N.3
-
32
-
-
33746078483
-
Detecting conflicts between functional and security requirements with secure Tropos: John Rusnak and the Allied Irish Bank
-
Giorgini P., Maiden N.A.M., Mylopoulos J., and Yu E. (Eds), MIT Press, Cambridge, MA
-
Massacci F., and Zannone N. Detecting conflicts between functional and security requirements with secure Tropos: John Rusnak and the Allied Irish Bank. In: Giorgini P., Maiden N.A.M., Mylopoulos J., and Yu E. (Eds). Social Modeling for Requirements Engineering (2006), MIT Press, Cambridge, MA
-
(2006)
Social Modeling for Requirements Engineering
-
-
Massacci, F.1
Zannone, N.2
-
33
-
-
38149047599
-
Comparison of goal modelling languages: an experiment
-
Sawyer P., Paech B., and Heymans P. (Eds), Springer, Trondheim, Norway
-
Matulevicius R., and Heymans P. Comparison of goal modelling languages: an experiment. In: Sawyer P., Paech B., and Heymans P. (Eds). Proceedings of the International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ'07), Lecture Notes in Computer Science vol. 4542 (2007), Springer, Trondheim, Norway 18-32
-
(2007)
Proceedings of the International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ'07), Lecture Notes in Computer Science
, vol.4542
, pp. 18-32
-
-
Matulevicius, R.1
Heymans, P.2
-
34
-
-
45849131284
-
Design of a modelling language for information system security risk management
-
Rolland C., Pastor O., and Cavarero J.-L. (Eds), IEEE, Ouarzazate, Morocco
-
Mayer N., Heymans P., and Matulevicius R. Design of a modelling language for information system security risk management. In: Rolland C., Pastor O., and Cavarero J.-L. (Eds). Proceedings of the First International Conference on Research Challenges in Information Science (RCIS'07) (2007), IEEE, Ouarzazate, Morocco 121-132
-
(2007)
Proceedings of the First International Conference on Research Challenges in Information Science (RCIS'07)
, pp. 121-132
-
-
Mayer, N.1
Heymans, P.2
Matulevicius, R.3
-
36
-
-
0010920417
-
From object-oriented to goal-oriented requirements analysis
-
Mylopoulos J., Chung L., and Yu E. From object-oriented to goal-oriented requirements analysis. Communications of the ACM 42 (1999) 31-37
-
(1999)
Communications of the ACM
, vol.42
, pp. 31-37
-
-
Mylopoulos, J.1
Chung, L.2
Yu, E.3
-
37
-
-
60949090741
-
-
Masters thesis, Department of Computer and Information Science, NTNU, Trondheim, Norway
-
M. Mæhre, Industrial experiences with misuse cases, Masters thesis, Department of Computer and Information Science, NTNU, Trondheim, Norway, 2005.
-
(2005)
Industrial experiences with misuse cases
-
-
Mæhre, M.1
-
38
-
-
38149017149
-
Automatically generating requirements from i* models: a case study with a complex airport operations system
-
Sawyer P., Paech B., and Heymans P. (Eds), Springer, Trondheim, Norway
-
Ncube C., Lockerbie J., and Maiden N.A.M. Automatically generating requirements from i* models: a case study with a complex airport operations system. In: Sawyer P., Paech B., and Heymans P. (Eds). Proceedings of the International Working Conference on Requirements Engineering: Foundations for Software Quality (REFSQ'07), Lecture Notes in Computer Science vol. 4542 (2007), Springer, Trondheim, Norway
-
(2007)
Proceedings of the International Working Conference on Requirements Engineering: Foundations for Software Quality (REFSQ'07), Lecture Notes in Computer Science
, vol.4542
-
-
Ncube, C.1
Lockerbie, J.2
Maiden, N.A.M.3
-
39
-
-
60949086125
-
-
M. Petit, Knowledge map of research in interoperability in the INTEROP NoE, Univ. Namur, Belgium, Project report, Deliverable D1.1, 2004, p. 278.
-
M. Petit, Knowledge map of research in interoperability in the INTEROP NoE, Univ. Namur, Belgium, Project report, Deliverable D1.1, 2004, p. 278.
-
-
-
-
40
-
-
78651456570
-
Towards an integration of security requirements into business process modeling
-
Fernández-Medina E., Hernández J.C., and García L.J. (Eds), INSTICC Press, Miami
-
Rodriguez A., Fernandez-Medina E., and Piattini M. Towards an integration of security requirements into business process modeling. In: Fernández-Medina E., Hernández J.C., and García L.J. (Eds). Proceedings of the Third International Workshop on Security in Information Systems (WOSIS) (2005), INSTICC Press, Miami 287-297
-
(2005)
Proceedings of the Third International Workshop on Security in Information Systems (WOSIS)
, pp. 287-297
-
-
Rodriguez, A.1
Fernandez-Medina, E.2
Piattini, M.3
-
41
-
-
33845208648
-
Capturing security requirements in business processes through a UML 2.0 activity diagrams profile
-
Roddick J.F., Richard Benjamins V., Si-Said Cherfi S., Chiang R.H.L., Claramunt C., Elmasri R., Grandi F., Han H., Hepp M., Lytras M.D., Misic V.B., Poels G., Song I.-Y., Trujillo J., and Vangenot C. (Eds), Springer, Tucson, AZ, USA
-
Rodriguez A., Fernandez-Medina E., and Piattini M. Capturing security requirements in business processes through a UML 2.0 activity diagrams profile. In: Roddick J.F., Richard Benjamins V., Si-Said Cherfi S., Chiang R.H.L., Claramunt C., Elmasri R., Grandi F., Han H., Hepp M., Lytras M.D., Misic V.B., Poels G., Song I.-Y., Trujillo J., and Vangenot C. (Eds). Proceedings of the Advances in Conceptual Modeling - Theory and Practice, ER 2006 Workshops, Lecture Notes in Computer Science vol. 4231 (2006), Springer, Tucson, AZ, USA
-
(2006)
Proceedings of the Advances in Conceptual Modeling - Theory and Practice, ER 2006 Workshops, Lecture Notes in Computer Science
, vol.4231
-
-
Rodriguez, A.1
Fernandez-Medina, E.2
Piattini, M.3
-
43
-
-
33750050331
-
-
Schumacher M., Fernandez E.B., Hybertson D., Buschmann F., and Sommerlad P. (Eds), J. Wiley & Sons, Chichester, UK
-
In: Schumacher M., Fernandez E.B., Hybertson D., Buschmann F., and Sommerlad P. (Eds). Security Patterns: Integrating Security and Systems Engineering (2005), J. Wiley & Sons, Chichester, UK
-
(2005)
Security Patterns: Integrating Security and Systems Engineering
-
-
-
44
-
-
13644252644
-
Eliciting security requirements with misuse cases
-
Sindre G., and Opdahl A.L. Eliciting security requirements with misuse cases. Requirements Engineering 10 (2005) 34-44
-
(2005)
Requirements Engineering
, vol.10
, pp. 34-44
-
-
Sindre, G.1
Opdahl, A.L.2
-
45
-
-
13644271504
-
Generalization/specialization as a structuring mechanism for misuse cases
-
CERIAS/Purdue, Raleigh, NC
-
Sindre G., Opdahl A.L., and Breivik G.F. Generalization/specialization as a structuring mechanism for misuse cases. Proceedings of the 2nd Symposium for Requirements Engineering for Information Security (SREIS'02) (2002), CERIAS/Purdue, Raleigh, NC
-
(2002)
Proceedings of the 2nd Symposium for Requirements Engineering for Information Security (SREIS'02)
-
-
Sindre, G.1
Opdahl, A.L.2
Breivik, G.F.3
-
47
-
-
57049132856
-
The CORAS approach for model-based risk management applied to a telemedicine service
-
IOS Press, StMalo, France
-
Stamatiou Y., Skipenes E., Henriksen E., Stathiakis N., Sikianakis A., Charalambous E., Antonakis N., Stølen K., Braber F.d., Lund M.S., Papadaki K., and Valvis G. The CORAS approach for model-based risk management applied to a telemedicine service. Proceedings of the Medical Informatics Europe (MIE'2003) (2003), IOS Press, StMalo, France 206-211
-
(2003)
Proceedings of the Medical Informatics Europe (MIE'2003)
, pp. 206-211
-
-
Stamatiou, Y.1
Skipenes, E.2
Henriksen, E.3
Stathiakis, N.4
Sikianakis, A.5
Charalambous, E.6
Antonakis, N.7
Stølen, K.8
Braber, F.d.9
Lund, M.S.10
Papadaki, K.11
Valvis, G.12
-
49
-
-
17744386105
-
From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering
-
Heytmeier C., and Mead N. (Eds), Carnegie Mellon University, Monterey Bay, CA
-
van Lamsweerde A., Brohez S., De Landtsheer R., and Janssens D. From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering. In: Heytmeier C., and Mead N. (Eds). Proceedings of the 2nd International Workshop on Requirements Engineering for High Assurance Systems (RHAS'03) (2003), Carnegie Mellon University, Monterey Bay, CA 49-56
-
(2003)
Proceedings of the 2nd International Workshop on Requirements Engineering for High Assurance Systems (RHAS'03)
, pp. 49-56
-
-
van Lamsweerde, A.1
Brohez, S.2
De Landtsheer, R.3
Janssens, D.4
-
50
-
-
0003639957
-
-
Kluwer Academic, Norwell, MA, USA
-
Wohlin C., Runeson P., Höst M., Ohlsson M.C., Regnell B., and Wesslén A. Experimentation in Software Engineering: An Introduction (2000), Kluwer Academic, Norwell, MA, USA
-
(2000)
Experimentation in Software Engineering: An Introduction
-
-
Wohlin, C.1
Runeson, P.2
Höst, M.3
Ohlsson, M.C.4
Regnell, B.5
Wesslén, A.6
|