loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Daniel Mellado 1 ; Eduardo Fernández-Medina 2 and Mario Piattini 2

Affiliations: 1 Ministry of Work and Social Affairs, Spain ; 2 University of Castilla La-Mancha, Spain

Keyword(s): Security requirements, product lines, Common Criteria, Security.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Security in Information Systems ; Security Requirements

Abstract: Proper analysis and understanding of security requirements are important because they help us to discover any security or requirement defects or mistakes in the early stages of development. Hence, security requirements engineering is both a central task and a critical success factor in product line development due to the complexity and extensive nature of product lines. However, most of the current product line practices in requirements engineering do not adequately address security requirements engineering. Therefore, in this paper we will propose a security quality requirements engineering process (SREPPLine) driven by security standards and based on a security requirements decision model along with a security variability model to manage the variability of the artefacts related to security requirements. The aim of this approach is to deal with security requirements from the early stages of the product line development in a systematic way, in order to facilitate conformance with the most relevant security standards with regard to the management of security requirements, such as ISO/IEC 27001 and ISO/IEC 15408. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 107.20.123.227

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Mellado, D.; Fernández-Medina, E. and Piattini, M. (2008). SECURITY REQUIREMENTS IN SOFTWARE PRODUCT LINES. In Proceedings of the International Conference on Security and Cryptography (ICETE 2008) - SECRYPT; ISBN 978-989-8111-59-3; ISSN 2184-3236, SciTePress, pages 442-449. DOI: 10.5220/0001922804420449

@conference{secrypt08,
author={Daniel Mellado. and Eduardo Fernández{-}Medina. and Mario Piattini.},
title={SECURITY REQUIREMENTS IN SOFTWARE PRODUCT LINES},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2008) - SECRYPT},
year={2008},
pages={442-449},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001922804420449},
isbn={978-989-8111-59-3},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2008) - SECRYPT
TI - SECURITY REQUIREMENTS IN SOFTWARE PRODUCT LINES
SN - 978-989-8111-59-3
IS - 2184-3236
AU - Mellado, D.
AU - Fernández-Medina, E.
AU - Piattini, M.
PY - 2008
SP - 442
EP - 449
DO - 10.5220/0001922804420449
PB - SciTePress