发布求助
文献互助 智能选刊 最新文献

2012 Second IEEE International Workshop on Requirements Patterns (RePa)最新文献

筛选
英文 中文
Early security patterns: A collection of constraints to describe regulatory security requirements 早期安全模式:描述法规安全性需求的约束集合
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359966
R. Gandhi, Mariam Rahmani
{"title":"Early security patterns: A collection of constraints to describe regulatory security requirements","authors":"R. Gandhi, Mariam Rahmani","doi":"10.1109/RePa.2012.6359966","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359966","url":null,"abstract":"Security engineering involves systematically applying the accumulated experience and best practices, such as regulatory security requirements, to identify a repeatable solution that is cost-effective, continuously improved, and fulfills security expectations of the stakeholders. However, security principles and regulatory requirements are rarely applied systematically during system design. We outline a stepwise process to extract domain concepts and apply a lightweight formal modeling language, Alloy, for the representation of regulatory requirements as early security patterns. These patterns, as a collection of constraints describing regulatory requirements provide a template for the systematic integration and analysis of these constraints in a system context. Each pattern defines a constrained solution space that can be enforced in subsequent phases of secure system development, testing and operation.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115374636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Characterizations and boundaries of security requirements patterns 安全需求模式的特征和边界
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359974
Rocky Slavin, Hui Shen, Jianwei Niu
{"title":"Characterizations and boundaries of security requirements patterns","authors":"Rocky Slavin, Hui Shen, Jianwei Niu","doi":"10.1109/RePa.2012.6359974","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359974","url":null,"abstract":"Very often in the software development life cycle, security is applied too late or important security aspects are overlooked. Although the use of security patterns is gaining popularity, the current state of security requirements patterns is such that there is not much in terms of a defining structure. To address this issue, we are working towards defining the important characteristics as well as the boundaries for security requirements patterns in order to make them more effective. By examining an existing general pattern format that describes how security patterns should be structured and comparing it to existing security requirements patterns, we are deriving characterizations and boundaries for security requirements patterns. From these attributes, we propose a defining format. We hope that these can reduce user effort in elicitation and specification of security requirements patterns.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133711685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Using the Goal-oriented pattern family framework for modelling outcome-based regulations 使用面向目标的模式族框架对基于结果的规则进行建模
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359976
S. Behnam, Daniel Amyot, G. Mussbacher, Edna Braun, N. Cartwright, Mario Saucier
{"title":"Using the Goal-oriented pattern family framework for modelling outcome-based regulations","authors":"S. Behnam, Daniel Amyot, G. Mussbacher, Edna Braun, N. Cartwright, Mario Saucier","doi":"10.1109/RePa.2012.6359976","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359976","url":null,"abstract":"Outcome-based regulations focus on measurable goals rather than on prescriptive ways of achieving these goals. As regulators start evolving regulations towards an outcome-based approach, it becomes important to reuse knowledge about existing problems and solutions, and patterns are known to be a means of increasing reusability. Regulatory parties can benefit from a pattern-based framework that (i) lays down a foundation for capturing knowledge about business goals and processes, (ii) provides methods for reusing this knowledge by extracting and customizing models for specific stakeholders, and (iii) enables evolution of the knowledge when new problems and solutions emerge. In this paper, we provide systematic steps for eliciting requirements leading to the creation of patterns and families and show the applicability of the Goal-oriented Pattern Family framework in this novel context. We improve the framework's infrastructure and include the concept of indicator in the framework in order to facilitate the reuse of compliance measurement approaches, in context.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125448370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Security requirements patterns: understanding the science behind the art of pattern writing 安全需求模式:理解模式编写艺术背后的科学
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359977
M. Riaz, L. Williams
{"title":"Security requirements patterns: understanding the science behind the art of pattern writing","authors":"M. Riaz, L. Williams","doi":"10.1109/RePa.2012.6359977","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359977","url":null,"abstract":"Security requirements engineering ideally combines expertise in software security with proficiency in requirements engineering to provide a foundation for developing secure systems. However, security requirements are often inadequately understood and improperly specified, often due to lack of security expertise and a lack of emphasis on security during early stages of system development. Software systems often have common and recurrent security requirements in addition to system-specific security needs. Security requirements patterns can provide a means of capturing common security requirements while documenting the context in which a requirement manifests itself and the tradeoffs involved. The objective of this paper is to aid in understanding of the process for pattern development and provide considerations for writing effective security requirements patterns. We analyzed existing literature on software patterns, problem solving and cognition to outline the process for developing software patterns. We also reviewed strategies for specifying reusable security requirements and security requirements patterns. Our proposed considerations can aid pattern writers in capturing necessary contextual information when documenting security requirements patterns to facilitate application and integration of security requirements.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125683335","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Pattern-based security requirements specification using ontologies and boilerplates 使用本体和样板的基于模式的安全需求规范
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359973
O. Daramola, G. Sindre, T. Stålhane
{"title":"Pattern-based security requirements specification using ontologies and boilerplates","authors":"O. Daramola, G. Sindre, T. Stålhane","doi":"10.1109/RePa.2012.6359973","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359973","url":null,"abstract":"The task of specifying and managing security requirements (SR) is a challenging one. Usually SR are often neglected or considered too late - leading to poor design, and cost overruns. Also, there is scarce expertise in managing SR, because most requirements engineering teams do not include security experts, which leads to prevalence of too vague or overly specific SR. In this work, we present an ontology-based approach that uses predefined pattern-based templates - requirements boilerplates - to aid requirements engineers in the formulation of SR. We realized the approach via a prototype tool that enables the formulation of SR from textual misuse case (TMUC) descriptions of security threat scenarios. The results from a preliminary evaluation suggest the viability of the proposed approach, in that the tool was judged as easy to use, supports reuse, and facilitates the formulation of good quality SR.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124997339","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 33
Using norm analysis patterns for automated requirements validation 使用规范分析模式进行自动化需求验证
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359965
Richa Sharma, K. K. Biswas
{"title":"Using norm analysis patterns for automated requirements validation","authors":"Richa Sharma, K. K. Biswas","doi":"10.1109/RePa.2012.6359965","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359965","url":null,"abstract":"Requirements validation is an integral activity of Requirements Engineering. An early detection of mismatch between the observable behavior of the real-world and the interpreted behavior of the information system after requirements analysis is essential to the success of the software developed. This paper presents how norm analysis patterns can be effectively utilized for automated software validation. Norms represent behavioral patterns in an organization. In this paper, we harness this fact to validate the elicited requirements.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125130003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
A catalogue of non-technical Requirement Patterns 非技术需求模式的目录
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359969
Cristina Palomares, C. Quer, Xavier Franch, Cindy Guerlain, Samuel Renault
{"title":"A catalogue of non-technical Requirement Patterns","authors":"Cristina Palomares, C. Quer, Xavier Franch, Cindy Guerlain, Samuel Renault","doi":"10.1109/RePa.2012.6359969","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359969","url":null,"abstract":"Software Requirement Patterns (SRP) have been proposed as an artifact for fostering requirements reuse. PABRE is a framework that promotes the use of SRP as a means for requirements elicitation, validation and documentation in the context of IT procurement projects. In this paper, we present a catalogue of non-technical SRP included in the framework and present in detail some of them. We also introduce the motivation to arrive to these patterns.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132799883","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Towards trust-based software requirement patterns 朝着基于信任的软件需求模式发展
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359968
Axel Hoffmann, Matthias Söllner, Holger Hoffmann, J. Leimeister
{"title":"Towards trust-based software requirement patterns","authors":"Axel Hoffmann, Matthias Söllner, Holger Hoffmann, J. Leimeister","doi":"10.1109/RePa.2012.6359968","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359968","url":null,"abstract":"Users adopt trust to reduce social complexity that can be caused by the lack of knowledge about the inner working of an information system. Our aim is to translate results from trust research about the transformation of user trust in new technologies into software requirement patterns. Therefore, we collect antecedents that build trust, and develop requirement patterns that demand functionality to support these antecedents. This paper presents software requirement patterns consisting of the name, the goal, forces and the pre-defined requirement template that can be used to specify trust based requirements.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122959007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Requirements patterns for seismology software applications 地震软件应用程序的需求模式
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359967
Yang Li, C. Pelties, M. Käser, Nitesh Narayan
{"title":"Requirements patterns for seismology software applications","authors":"Yang Li, C. Pelties, M. Käser, Nitesh Narayan","doi":"10.1109/RePa.2012.6359967","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359967","url":null,"abstract":"Requirements patterns help reusing the knowledge of capturing required functionalities and properties of a system. To improve requirements engineering in seismological software development, we identify commonly used requirements patterns. This paper introduces research of identifying two main requirements patterns in projects typical for computational seismology, namely, the forward simulation pattern and the data access pattern. They help efficiently and effectively eliciting requirements by providing necessary abstractions. We present a dynamic rupture example to illustrate how to apply both patterns. The patterns can foster a more productive requirements engineering process and sharing software development knowledge within the domain.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124668487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Towards a framework for pattern experimentation: Understanding empirical validity in requirements engineering patterns 走向模式实验的框架:理解需求工程模式的经验有效性
2012 Second IEEE International Workshop on Requirements Patterns (RePa) Pub Date : 2012-11-26 DOI: 10.1109/RePa.2012.6359975
T. Breaux, Hanan Hibshi, Ashwini Rao, Jean-Michel Lehker
{"title":"Towards a framework for pattern experimentation: Understanding empirical validity in requirements engineering patterns","authors":"T. Breaux, Hanan Hibshi, Ashwini Rao, Jean-Michel Lehker","doi":"10.1109/RePa.2012.6359975","DOIUrl":"https://doi.org/10.1109/RePa.2012.6359975","url":null,"abstract":"Despite the abundance of information security guidelines, system developers have difficulties implementing technical solutions that are reasonably secure. Security patterns are one possible solution to help developers reuse security knowledge. The challenge is that it takes experts to develop security patterns. To address this challenge, we need a framework to identify and assess patterns and pattern application practices that are accessible to non-experts. In this paper, we narrowly define what we mean by patterns by focusing on requirements patterns and the considerations that may inform how we identify and validate patterns for knowledge reuse. We motivate this discussion using examples from the requirements pattern literature and theory in cognitive psychology.","PeriodicalId":255558,"journal":{"name":"2012 Second IEEE International Workshop on Requirements Patterns (RePa)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124854926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信