{"title":"安全需求分析的课程设计和方法","authors":"K. Taguchi, Yasuyuki Tahara","doi":"10.2201/NIIPI.2008.5.4","DOIUrl":null,"url":null,"abstract":"Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.","PeriodicalId":91638,"journal":{"name":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","volume":"104 1","pages":"19"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Curriculum design and methodologies for security requirements analysis\",\"authors\":\"K. Taguchi, Yasuyuki Tahara\",\"doi\":\"10.2201/NIIPI.2008.5.4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.\",\"PeriodicalId\":91638,\"journal\":{\"name\":\"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing\",\"volume\":\"104 1\",\"pages\":\"19\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2201/NIIPI.2008.5.4\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2201/NIIPI.2008.5.4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Curriculum design and methodologies for security requirements analysis
Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
