Title of article
A Tool-based Semantic Framework for Security Requirements Specification
Author/Authors
Daramola, Olawande Covenant University - Department of Computer and Information Sciences, Nigeria , Sindre, Guttorm Norwegian University of Science and Technology (NTNU) - Department of Computer and Information Science, Norway , Moser, Thomas Vienna University of Technology - Christian Doppler Laboratory for Software Engineering Christian Doppler Laboratory for Software EngineeringIntegration for Flexible Automation Systems, Austria
From page
1940
To page
1962
Abstract
Attaining high quality in security requirements specification requires first-rate professional expertise, which is scarce. In fact, most organisations do not include core security experts in their software team. This scenario motivates the need for adequate tool support for security requirements specification so that the human requirements analyst can be assisted to specify security requirements of acceptable quality with minimum effort. This paper presents a tool-based semantic framework that uses ontology and requirements boilerplates to facilitate the formulation and specification of security requirements. A two-phased evaluation of the semantic framework suggests that it is usable, leads to reduction of effort, aids the quick discovery of hidden security threats, and improves the quality of security requirements.
Keywords
security requirements , ontology , requirements boilerplates , information extraction , security threat , misuse cases
Journal title
Journal of J.UCS (Journal of Universal Computer Science)
Journal title
Journal of J.UCS (Journal of Universal Computer Science)
Record number
2715124
Link To Document