loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Daniel Mellado 1 ; Eduardo Fernández-Medina 2 and Mario Piattini 2

Affiliations: 1 Ministry of Labour and Social Affairs, Information Technology Center of the National Social Security Institute, Spain ; 2 University of Castilla-La Mancha, Spain

ISBN: 978-972-8865-63-4

Keyword(s): Security Requirements, Security Requirements Engineering, Common Criteria.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Security Engineering ; Security in Information Systems ; Security Requirements

Abstract: Integration of security into the early stages of the system development is necessary to build secure systems. However, in the majority of software projects security is dealt with when the system has already been designed and put into operation. This paper will propose an approach called SREP (Security Requirements Engineering Process) for the development of secure software. We will present an iterative and incremental micro-process for the security requirements analysis that is repeatedly performed at each phase. It integrates the Common Criteria into the software lifecycle model as well as it is based on the reuse of security requirements, by providing a security resources repository. In brief, we will present an approach which deals with the security requirements at the early stages of software development in a systematic and intuitive way, and which also conforms to ISO/IEC 17799:2005.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.172.217.40

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Mellado D.; Fernández-Medina E.; Piattini M. and (2006). SECURE INFORMATION SYSTEMS DEVELOPMENT - Based on a Security Requirements Engineering Process.In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 467-470. DOI: 10.5220/0002098004670470

@conference{secrypt06,
author={Daniel Mellado and Eduardo Fernández{-}Medina and Mario Piattini},
title={SECURE INFORMATION SYSTEMS DEVELOPMENT - Based on a Security Requirements Engineering Process},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={467-470},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002098004670470},
isbn={978-972-8865-63-4},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - SECURE INFORMATION SYSTEMS DEVELOPMENT - Based on a Security Requirements Engineering Process
SN - 978-972-8865-63-4
AU - Mellado, D.
AU - Fernández-Medina, E.
AU - Piattini, M.
PY - 2006
SP - 467
EP - 470
DO - 10.5220/0002098004670470

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.