Title :
Security Requirements Elicitation via Weaving Scenarios Based on Security Evaluation Criteria
Author :
Itoga, Hiroya ; Ohnishi, Atsushi
Author_Institution :
Ritsumeikan Univ., Shiga
Abstract :
Software is required to comply with the laws and standards of software security. However, stakeholders with less concern regarding security can neither describe the behaviour of the system with regard to security nor validate the system´s behaviour when the security function conflicts with usability. Scenarios or use- case specifications are common in requirements elicitation and are useful to analyse the usability of the system from a behavioural point of view. In this paper, the authors propose a method to weave scenario fragments based on security evaluation criteria into scenarios. The experiments showed that the weaving method led to a better scenario than the method involving writing or modifying the scenario with reference to security evaluation criteria.
Keywords :
formal specification; security of data; security evaluation criteria; security function conflicts; security requirements elicitation; software security; system usability; use-case specifications; weaving scenarios; Books; Computer security; Costs; Data security; Information security; Programming; Software standards; Software systems; Usability; Weaving;
Conference_Titel :
Quality Software, 2007. QSIC '07. Seventh International Conference on
Conference_Location :
Portland, OR
Print_ISBN :
978-0-7695-3035-2
DOI :
10.1109/QSIC.2007.4385482
