메뉴 건너뛰기




Volumn 52, Issue 10, 2010, Pages 1094-1117

Security requirements engineering framework for software product lines

Author keywords

ISO 27001; Product lines; Requirements engineering; Security requirement; Security requirements engineering; Security software engineering

Indexed keywords

ISO 27001; PRODUCT-LINES; SECURITY REQUIREMENTS; SECURITY REQUIREMENTS ENGINEERING; SECURITY SOFTWARE;

EID: 77955431422     PISSN: 09505849     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.infsof.2010.05.007     Document Type: Article
Times cited : (39)

References (62)
  • 1
    • 77950516100 scopus 로고    scopus 로고
    • Integrating privacy requirements into security requirements engineering
    • S. Abu-Nimeh, S. Miyazaki, N.R. Mead, Integrating privacy requirements into security requirements engineering, in SEKE, 2009, pp. 542-547.
    • (2009) SEKE , pp. 542-547
    • Abu-Nimeh, S.1    Miyazaki, S.2    Mead, N.R.3
  • 2
    • 33746338083 scopus 로고    scopus 로고
    • Guide v2.0, C.M.U. Software Engineering Institute, Editor Pittsburgh (USA)
    • C. Alberts, A. Dorofee, OCTAVE Method Implementation Guide v2.0, C.M.U. Software Engineering Institute, Editor, 2001, Pittsburgh (USA).
    • (2001) OCTAVE Method Implementation
    • Alberts, C.1    Dorofee, A.2
  • 11
    • 48049085565 scopus 로고    scopus 로고
    • Scenario-based application requirements engineering
    • T. Käkölä, J.C. Dueñas (Eds.)
    • S. Bühne, G. Halmans, K. Lauenroth, K. Pohl, Scenario-based application requirements engineering, in: T. Käkölä, J.C. Dueñas (Eds.), Software Product Lines - Research Issues in Engineering and Management, 2005, pp. 161-194.
    • (2005) Software Product Lines - Research Issues in Engineering and Management , pp. 161-194
    • Bühne, S.1
  • 12
    • 77955414537 scopus 로고    scopus 로고
    • CERT/CC, CERT/CC Statistics 1995-2008
    • CERT/CC, CERT/CC Statistics 1995-2008, 2009. < http://www.cert.org/ stats/fullstats.html >.
    • (2009)
  • 14
    • 58849148475 scopus 로고    scopus 로고
    • How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns
    • L. Compagna, P.E. Khoury, A. Krausová, F. Massacci, and N. Zannone How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns Artificial Intelligence and Law 17 1 2009 1 30
    • (2009) Artificial Intelligence and Law , vol.17 , Issue.1 , pp. 1-30
    • Compagna, L.1    Khoury, P.E.2    Krausová, A.3    Massacci, F.4    Zannone, N.5
  • 15
    • 36849025796 scopus 로고    scopus 로고
    • Future directions in technology-enabled crime: 2007-09
    • Australian-Government, Editor, Australian Institute of Criminology
    • K.-K.R. Choo, R.G. Smith, R. McCusker, Future directions in technology-enabled crime: 2007-09, in: Research and Public Policy Series, Australian-Government, Editor, 2007, Australian Institute of Criminology.
    • (2007) Research and Public Policy Series
    • Choo, K.-K.R.1    Smith, R.G.2    McCusker, R.3
  • 17
  • 19
    • 34548719253 scopus 로고    scopus 로고
    • Engineering safety and security related requirements for software intensive systems
    • IEEE Computer Society
    • D.G. Firesmith, Engineering safety and security related requirements for software intensive systems, in: International Conference on Software Engineering, IEEE Computer Society, 2007, p. 169.
    • (2007) International Conference on Software Engineering , pp. 169
    • Firesmith, D.G.1
  • 27
    • 79955163100 scopus 로고    scopus 로고
    • UMLsec: Extending UML for secure systems development
    • UML 2002 - The Unified Modeling Language. Model Engineering, Languages, Concepts, and Tools LNCS 2460
    • J. Jürjens, UMLsec: extending UML for secure systems development, in: UML 2002 - The Unified Modeling Language. Model Engineering, Languages, Concepts, and Tools. 5th International Conference, LNCS 2460, 2002, pp. 412-425.
    • (2002) 5th International Conference , pp. 412-425
    • Jürjens, J.1
  • 38
    • 17744386721 scopus 로고    scopus 로고
    • Using a security requirements engineering methodology in practice: The compliance with the Italian data protection legislation
    • F. Massacci, M. Prest, and N. Zannone Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation Computers Standards and Interfaces 2005 445 455
    • (2005) Computers Standards and Interfaces , pp. 445-455
    • Massacci, F.1    Prest, M.2    Zannone, N.3
  • 39
    • 33750135439 scopus 로고    scopus 로고
    • Security requirements engineering for software systems: Case studies in support of software engineering education
    • N.R. Mead, E.D. Hough, Security requirements engineering for software systems: case studies in support of software engineering education, in: CSEE&T, 2006, pp. 149-158.
    • (2006) CSEE&T , pp. 149-158
    • Mead, N.R.1    Hough, E.D.2
  • 41
    • 33745912495 scopus 로고    scopus 로고
    • A comparative study of proposals for establishing security requirements for the development of secure information systems
    • Springer LNCS 3982
    • D. Mellado, E. Fernández-Medina, M. Piattini, A comparative study of proposals for establishing security requirements for the development of secure information systems, in: The 2006 International Conference on Computational Science and its Applications (ICCSA 2006), vol. 3, Springer LNCS 3982, 2006, pp. 1044-1053.
    • (2006) The 2006 International Conference on Computational Science and Its Applications (ICCSA 2006) , vol.3 , pp. 1044-1053
    • Mellado, D.1
  • 42
    • 33751416458 scopus 로고    scopus 로고
    • A common criteria based security requirements engineering process for the development of secure information systems
    • D. Mellado, E. Fernández-Medina, and M. Piattini A common criteria based security requirements engineering process for the development of secure information systems Computer Standards and Interfaces 29 2 2007 244 253
    • (2007) Computer Standards and Interfaces , vol.29 , Issue.2 , pp. 244-253
    • Mellado, D.1    Fernández-Medina, E.2    Piattini, M.3
  • 45
    • 44949241673 scopus 로고    scopus 로고
    • Towards security requirements management for software product lines: A security domain requirements engineering process
    • D. Mellado, E. Fernández-Medina, and M. Piattini Towards security requirements management for software product lines: a security domain requirements engineering process Computer Standards & Interfaces 30 2008 361 371
    • (2008) Computer Standards & Interfaces , vol.30 , pp. 361-371
    • Mellado, D.1    Fernández-Medina, E.2    Piattini, M.3
  • 46
    • 77950516969 scopus 로고    scopus 로고
    • A systematic review of security requirements engineering
    • accessed02.02.10
    • D. Mellado, E. Fernández-Medina, M. Piattini, A systematic review of security requirements engineering, Computers Standards & Interfaces, 2010. < http://dx.doi.org/10.1016/j.csi.2010.01.006 > (accessed 02.02.10).
    • (2010) Computers Standards & Interfaces
    • Mellado, D.1
  • 48
    • 34848888028 scopus 로고    scopus 로고
    • Capturing quality requirements of product family architecture
    • E. Niemelä, and A. Immonen Capturing quality requirements of product family architecture Information & Software Technology 2007 1107 1120
    • (2007) Information & Software Technology , pp. 1107-1120
    • Niemelä, E.1    Immonen, A.2
  • 52
    • 60949097689 scopus 로고    scopus 로고
    • Experimental comparison of attack trees and misuse cases for security threat identification
    • A.L. Opdahl, and G. Sindre Experimental comparison of attack trees and misuse cases for security threat identification Information and Software Technology 51 5 2010 916 932
    • (2010) Information and Software Technology , vol.51 , Issue.5 , pp. 916-932
    • Opdahl, A.L.1    Sindre, G.2
  • 54
    • 5144226159 scopus 로고    scopus 로고
    • A customizable approach to full-life cycle variability management
    • Elsevier
    • K. Schmid, and I. John A customizable approach to full-life cycle variability management Science of Computer Programming vol. 53 2004 Elsevier 259 284
    • (2004) Science of Computer Programming , vol.53 , pp. 259-284
    • Schmid, K.1    John, I.2
  • 57
    • 77955412763 scopus 로고    scopus 로고
    • Pittsburgh (USA): Software Engineering Institute, Carnegie Mellon University
    • SEI, +SAFE, V1.2 A Safety Extension to CMMI-DEV V1.2. 2007, Pittsburgh (USA): Software Engineering Institute, Carnegie Mellon University.
    • (2007) SEI, +SAFE, V1.2 A Safety Extension to CMMI-DEV V1.2
  • 59
    • 13644252644 scopus 로고    scopus 로고
    • Eliciting security requirements with misuse cases
    • G. Sindre, and A.L. Opdahl Eliciting security requirements with misuse cases Requirements Engineering 10 1 2005 34 44
    • (2005) Requirements Engineering , vol.10 , Issue.1 , pp. 34-44
    • Sindre, G.1    Opdahl, A.L.2
  • 61
    • 17844409254 scopus 로고    scopus 로고
    • Requirements reuse for improving information systems security: A practitioner's approach
    • A. Toval, J. Nicolás, B. Moros, and F. García Requirements reuse for improving information systems security: a practitioner's approach Requirements Engineering 2002 205 219
    • (2002) Requirements Engineering , pp. 205-219
    • Toval, A.1    Nicolás, J.2    Moros, B.3    García, F.4


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.