RUP-based process model for security requirements engineering in value-added service development

Due to the spreading of SMS services and appearing of new business models, value-added SMS services have been introduced. According to the research results about wide distribution of security incidents on ICT systems worldwide, in spite of known security solutions, there is a necessity for organizational approach to implement security. This paper presents research and development efforts in building process model SecuRUP for security requirements engineering conformed to RUP framework. The model consists of processes, artifacts, activities and according roles for successful elicitation, analysis and specification of recognized security requirements and is validated on presented case study. The model validation results have shown significant process improvement, especially on roles and activities identification in SecuRUP elaboration process, but only further case studies in industry can be best indicators for usefulness of such models.