An Analysis for Understanding Software Security Requirement Methodologies

Author

Du, Jing ; Yang, Ye ; Wang, Qing

Author_Institution

Inst. of Software, Chinese Acad. of Sci., Beijing, China

fYear

2009

fDate

8-10 July 2009

Firstpage

141

Lastpage

149

Abstract

Over the past two decades, large amount of work has been done to improve and assure software quality. However, as software development becomes more complex, distributed, and concurrent, security issues have great influence on software quality. Among those issues, the ones related to development of security requirement are especially critical to the development of software or software-intensive systems. In this paper, we will report our work on reviewing and analyzing different studies on software security requirement development to provide a common understanding for further research and study. Our major analysis findings include: Definition of security requirements in common criteria is a widely accepted one among various understandings; Elicitation and analysis are the mainstream activities during security requirement development; and process-oriented and reuse-based methods are gaining their popularities.

Keywords

reviews; security; software engineering; process-oriented method; reuse-based method; review; software development; software quality; software security requirement; software-intensive systems; Authentication; Costs; Face detection; Failure analysis; Fault trees; Programming; Safety; Security; Software quality; Software systems; Literature Review and Analysis; Requirement Methodology; Security Requirement; Software;

fLanguage

English

Publisher

ieee

Conference_Titel

Secure Software Integration and Reliability Improvement, 2009. SSIRI 2009. Third IEEE International Conference on

Conference_Location

Shanghai

Print_ISBN

978-0-7695-3758-0

Type

conf

DOI

10.1109/SSIRI.2009.14

Filename

5325381