{"title":"Curriculum design and methodologies for security requirements analysis","authors":"K. Taguchi, Yasuyuki Tahara","doi":"10.2201/NIIPI.2008.5.4","DOIUrl":null,"url":null,"abstract":"Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.","PeriodicalId":91638,"journal":{"name":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","volume":"104 1","pages":"19"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2201/NIIPI.2008.5.4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
