• DocumentCode
    3460127
  • Title

    The hidden meta-requirements of security and privacy

  • Author

    Spafford, Gene

  • Author_Institution
    CERIAS, Purdue Univ., West Lafayette, IN, USA
  • fYear
    2001
  • fDate
    2001
  • Firstpage
    10
  • Abstract
    When collecting requirements for software, designers may learn of needs for specific forms of protection to be present. These needs may be translated into requirements for encryption or authentication, but what about the non-obvious aspects of security - including privacy, auditability and assurance - that are usually overlooked in the requirements capture process? When we overlook these issues, we get software that doesn´t deserve our trust. In this paper, I discuss some of the aspects of security that are regularly overlooked by designers and suggest some standard questions that should be addressed in every design
  • Keywords
    auditing; data privacy; security of data; software quality; systems analysis; auditability; authentication; encryption; hidden meta-requirements; privacy; security; software design; software protection; software quality assurance; software requirements capture; software trustworthiness; Authentication; Computer science education; Computer security; Cryptography; Information security; Military computing; Privacy; Protection; Software design; USA Councils;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Requirements Engineering, 2001. Proceedings. Fifth IEEE International Symposium on
  • Conference_Location
    Toronto, Ont.
  • Print_ISBN
    0-7695-1125-2
  • Type

    conf

  • DOI
    10.1109/ISRE.2001.948536
  • Filename
    948536
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3460127