Reusing security requirements using an extended quality model

Proceedings - International Conference on Software Engineering

Volumn , Issue , 2010, Pages 1-7

  Luckey, Markus ^a   Baumann, Andrea ^b   Fernández, Daniel Méndez ^c   Wagner, Stefan ^c  

^a UNIVERSITY OF PADERBORN   (Germany)

^b BUNDESWEHR UNIVERSITY MUNICH   (Germany)

^c TECHNICAL UNIVERSITY OF MUNICH   (Germany)

Author keywords

quality model; quality requirement; reuse; security

Indexed keywords

ACTIVITY-BASED; INDUSTRIAL PROJECTS; NEW PROJECTS; PROJECT PHASIS; QUALITY MODELS; QUALITY REQUIREMENTS; REQUIREMENTS SPECIFICATIONS; SECURITY REQUIREMENTS; SOFTWARE PRODUCTS; TECHNOLOGICAL ASPECTS; TIME SAVINGS;

ENGINEERING; SOFTWARE ENGINEERING;

COMPUTER SOFTWARE SELECTION AND EVALUATION;

EID: 77954580848     PISSN: 02705257     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1809100.1809101     Document Type: Conference Paper

References (23)

1. A. I. Anton and J. B. Earp. Strategies for developing policies and requirements for secure electronic commerce systems. Technical report, North Carolina State University at Raleigh, 2000.
2. V. Basili, P. Donzelli, and S. Asgari. A unified model of dependability: Capturing dependability in context. IEEE Softw., 21(6):19-25, 2004.
3. B. W. Boehm and P. N. Papaccio. Understanding and controlling software costs. IEEE Trans. Softw. Eng., 14(10):1462-1477, October 1988.
4. CCRA. Common criteria for information technology security evaluation, version 3.1. http://www.commoncriteria.org, 2009.
5. L. M. Cysneiros and J. C. S. do Prado Leite. Nonfunctional Requirements: From Elicitation to Conceptual Models. IEEE Trans. Softw. Eng., 30(5), 2004.
6. F. Deissenboeck, E. Juergens, K. Lochmann, and S. Wagner. Software quality models: Purposes, usage scenarios and requirements. In Proc. 7th International Workshop on Software Quality (WoSQ 09). IEEE Computer Society, 2009.
7. F. Deissenboeck, S. Wagner, M. Pizka, S. Teuchert, and J. F. Girard. An activity-based quality model for maintainability. In Proc. IEEE International Conference on Software Maintenance (ICSM 2007), pages 184-193. IEEE Computer Society, 2007.
8. J. Doerr, D. Kerkow, T. Koenig, T. Olsson, and T. Suzuki. Non-functional requirements in industry - three case studies adopting an experience-based NFR method. In Proc. 13th International Conference on Requirements Engineering (RE'05), pages 373-382. IEEE Computer Society, 2005.
9. C. Ebert. Dealing with Nonfunctional Requirements in Large Software Systems. Ann. Softw. Eng., 3:367-395, 1997. (Pubitemid 127429242)
10. Federal Office for Information Security (BSI) in Germany. IT-Grundschutz Catalogues. https://www.bsi.bund.de/, 2007.
11. D. Firesmith. Engineering security requirements. Journal of Object Technology, 2(1):53-68, 2003.
12. M. Glinz. On non-functional requirements. In Proc. 15th IEEE International Requirements Engineering Conference. IEEE Computer Society, 2007.
13. T. Gorschek and C. Wohlin. Requirements abstraction model. Requir. Eng., 11(1):79-101, 2006.
14. C. B. Haley, R. C. Laney, J. D. Moffett, and B. Nuseibeh. Security requirements engineering: A framework for representation and analysis. IEEE Trans. Softw. Eng., 34(1):133-153, 2008. (Pubitemid 351343906)
15. R. Kazman, M. Klein, and P. Clements. ATAM: Method for architecture evaluation. Technical report, CMU/SEI, August 2000.
16. B. Kitchenham and S. P. Pfleeger. Software quality: The elusive target. IEEE Softw., 13(1):12-21, 1996.
17. D. Mellado, E. Fernandez-Medina, and M. Piattini. A common criteria based security requirements engineering process for the development of secure information systems. Computer Standards & Interfaces, 29(2):244-253, 2007.
18. D. Mellado, E. F. Medina, and M. Piattini. Security requirements variability for software product lines. In Proc. Third International Conference on Availability, Reliability and Security (ARES '08), pages 1413-1420. IEEE Computer Society, 2008.
19. J. Mylopoulos, L. Chung, and B. Nixon. Representing and using nonfunctional requirements: A process-oriented approach. IEEE Trans. Softw. Eng., 18(6):483-497, 1992.
20. G. Sindre, D. G. Firesmith, and A. L. Opdahl. A reuse-based approach to determining security requirements. In Proc. 9th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ'03), pages 16-17, 2003.
21. I. Sommerville. Software Engineering (6th Edition). Addison Wesley, August 2000.
22. S. Wagner, F. Deissenboeck, and S. Winter. Managing quality requirements using activity-based quality models. In Proc. 6th Intern. Workshop on Software Quality (WoSQ '08), pages 29-34. ACM Press, 2008.
23. S. Wagner, D. Mendez Fernandez, S. Islam, and K. Lochmann. A security requirements approach for web systems. In Workshop Quality Assessment in Web (QAW 2009). 2009.