Reference Hub

This research has been cited in:

Conference
Argumentation-based security requirements elicitation: The next round2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE)10.1109/ESPRE.2014.6890521
Chapter
Verifikation und ValidierungSecurity by Design10.1007/978-3-662-62917-8_7
Chapter
Selecting Security Mechanisms in Secure TroposTrust, Privacy and Security in Digital Business10.1007/978-3-319-64483-7_7
Conference
A model based security requirements engineering framework applied for online trading system2011 International Conference on Recent Trends in Information Technology (ICRTIT)10.1109/ICRTIT.2011.5972266
Conference
Context-sensitive Information security Risk identification and evaluation techniques2014 IEEE 22nd International Requirements Engineering Conference (RE)10.1109/RE.2014.6912303
Chapter
Graphical Modeling of Security Arguments: Current State and Future DirectionsGraphical Models for Security10.1007/978-3-319-74860-3_1
Article
A framework to support alignment of secure software engineering with legal regulationsSoftware & Systems Modeling10.1007/s10270-010-0154-z
Article
A Domain Ontology Based Approach to Identify Effect Types of Security Requirements upon Functional RequirementsInternational Journal of Knowledge Engineering-IACSIT10.7763/IJKE.2015.V1.4
Conference
Literature Review of the Challenges of Developing Secure Software Using the Agile Approach2015 10th International Conference on Availability, Reliability and Security10.1109/ARES.2015.69
Conference
Security Requirements Variability for Software Product Lines2008 Third International Conference on Availability, Reliability and Security10.1109/ARES.2008.165
Chapter
The Secret Lives of Assumptions: Developing and Refining Assumption Personas for Secure System DesignHuman-Centred Software Engineering10.1007/978-3-642-16488-0_9
Article
Survey and analysis on Security Requirements EngineeringComputers & Electrical Engineering10.1016/j.compeleceng.2012.08.008
Conference
Modeling the linkage between systems interoperability and security engineering2010 5th International Conference on System of Systems Engineering10.1109/SYSOSE.2010.5544056
Article
Secure by DesignInternational Journal of Secure Software Engineering10.4018/jsse.2011070102
Article
Evaluation of the Challenges of Developing Secure Software Using the Agile ApproachInternational Journal of Secure Software Engineering10.4018/IJSSE.2016010102
Chapter
Cognitive Complexity MeasuresComputer Engineering10.4018/978-1-61350-456-7.ch705
Chapter
Secure by DesignDeveloping and Evaluating Security-Aware Software Systems10.4018/978-1-4666-2482-5.ch001

Arguing Satisfaction of Security Requirements

C. B. Haley, R. Laney, J. D. Moffett, B. Nuseibeh

Source Title: Integrating Security and Software Engineering: Advances and Future Visions

ISBN13: 9781599041476|ISBN10: 1599041472|ISBN13 Softcover: 9781599041483|EISBN13: 9781599041490

DOI: 10.4018/978-1-59904-147-6.ch002

Cite Chapter Cite Chapter

MLA

Haley, C. B., et al. "Arguing Satisfaction of Security Requirements." Integrating Security and Software Engineering: Advances and Future Visions, edited by Haralambos Mouratidis and Paolo Giorgini, IGI Global, 2007, pp. 16-43. https://doi.org/10.4018/978-1-59904-147-6.ch002

APA

Haley, C. B., Laney, R., Moffett, J. D., & Nuseibeh, B. (2007). Arguing Satisfaction of Security Requirements. In H. Mouratidis & P. Giorgini (Eds.), Integrating Security and Software Engineering: Advances and Future Visions (pp. 16-43). IGI Global. https://doi.org/10.4018/978-1-59904-147-6.ch002

Chicago

Haley, C. B., et al. "Arguing Satisfaction of Security Requirements." In Integrating Security and Software Engineering: Advances and Future Visions, edited by Haralambos Mouratidis and Paolo Giorgini, 16-43. Hershey, PA: IGI Global, 2007. https://doi.org/10.4018/978-1-59904-147-6.ch002

Export Reference

Favorite

View Full Text PDF

Abstract

This chapter presents a process for security requirements elicitation and analysis, based around the construction of a satisfaction argument for the security of a system. The process starts with the enumeration of security goals based on assets in the system, then uses these goals to derive security requirements in the form of constraints. Next, a satisfaction argument for the system is constructed, using a problem-centered representation, a formal proof to analyze properties that can be demonstrated, and structured informal argumentation of the assumptions exposed during construction of the argument. Constructing the satisfaction argument can expose missing and inconsistent assumptions about system context and behavior that effect security, and a completed argument provides assurances that a system can respect its security requirements.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Arguing Satisfaction of Security Requirements

MLA

APA

Chicago

Export Reference

Abstract

Request Access