{"title":"后期阶段对安全需求的支持","authors":"Jose Romero-Mariona, H. Ziv, D. Richardson","doi":"10.1145/1565799.1565823","DOIUrl":null,"url":null,"abstract":"Software security concerns are frequent, widespread, and with potentially harmful consequences. We believe that security concerns should not only be specified as part of software requirements, but should also be supported during later stages of development (architecture, design, implementation, testing, and maintenance). This paper focuses on security requirements and the support available for them past their creation. As part of ongoing research we surveyed 12 approaches to security requirements engineering and identified the level of support each approach provides on a variety of areas related to later stages support. We show that support for security requirements after they are specified is lacking at best, creating opportunities for significant improvement and further research in this area.","PeriodicalId":326471,"journal":{"name":"Richard Tapia Celebration of Diversity in Computing Conference","volume":"86 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Later stages support for security requirements\",\"authors\":\"Jose Romero-Mariona, H. Ziv, D. Richardson\",\"doi\":\"10.1145/1565799.1565823\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software security concerns are frequent, widespread, and with potentially harmful consequences. We believe that security concerns should not only be specified as part of software requirements, but should also be supported during later stages of development (architecture, design, implementation, testing, and maintenance). This paper focuses on security requirements and the support available for them past their creation. As part of ongoing research we surveyed 12 approaches to security requirements engineering and identified the level of support each approach provides on a variety of areas related to later stages support. We show that support for security requirements after they are specified is lacking at best, creating opportunities for significant improvement and further research in this area.\",\"PeriodicalId\":326471,\"journal\":{\"name\":\"Richard Tapia Celebration of Diversity in Computing Conference\",\"volume\":\"86 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Richard Tapia Celebration of Diversity in Computing Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1565799.1565823\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Richard Tapia Celebration of Diversity in Computing Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1565799.1565823","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Software security concerns are frequent, widespread, and with potentially harmful consequences. We believe that security concerns should not only be specified as part of software requirements, but should also be supported during later stages of development (architecture, design, implementation, testing, and maintenance). This paper focuses on security requirements and the support available for them past their creation. As part of ongoing research we surveyed 12 approaches to security requirements engineering and identified the level of support each approach provides on a variety of areas related to later stages support. We show that support for security requirements after they are specified is lacking at best, creating opportunities for significant improvement and further research in this area.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
