{"title":"基于安全评估标准的场景编织安全需求提取","authors":"Hiroya Itoga, A. Ohnishi","doi":"10.1109/QSIC.2007.47","DOIUrl":null,"url":null,"abstract":"Software is required to comply with the laws and standards of software security. However, stakeholders with less concern regarding security can neither describe the behaviour of the system with regard to security nor validate the system's behaviour when the security function conflicts with usability. Scenarios or use- case specifications are common in requirements elicitation and are useful to analyse the usability of the system from a behavioural point of view. In this paper, the authors propose a method to weave scenario fragments based on security evaluation criteria into scenarios. The experiments showed that the weaving method led to a better scenario than the method involving writing or modifying the scenario with reference to security evaluation criteria.","PeriodicalId":136227,"journal":{"name":"Seventh International Conference on Quality Software (QSIC 2007)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Security Requirements Elicitation via Weaving Scenarios Based on Security Evaluation Criteria\",\"authors\":\"Hiroya Itoga, A. Ohnishi\",\"doi\":\"10.1109/QSIC.2007.47\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software is required to comply with the laws and standards of software security. However, stakeholders with less concern regarding security can neither describe the behaviour of the system with regard to security nor validate the system's behaviour when the security function conflicts with usability. Scenarios or use- case specifications are common in requirements elicitation and are useful to analyse the usability of the system from a behavioural point of view. In this paper, the authors propose a method to weave scenario fragments based on security evaluation criteria into scenarios. The experiments showed that the weaving method led to a better scenario than the method involving writing or modifying the scenario with reference to security evaluation criteria.\",\"PeriodicalId\":136227,\"journal\":{\"name\":\"Seventh International Conference on Quality Software (QSIC 2007)\",\"volume\":\"39 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-10-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Seventh International Conference on Quality Software (QSIC 2007)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QSIC.2007.47\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Seventh International Conference on Quality Software (QSIC 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QSIC.2007.47","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Requirements Elicitation via Weaving Scenarios Based on Security Evaluation Criteria
Software is required to comply with the laws and standards of software security. However, stakeholders with less concern regarding security can neither describe the behaviour of the system with regard to security nor validate the system's behaviour when the security function conflicts with usability. Scenarios or use- case specifications are common in requirements elicitation and are useful to analyse the usability of the system from a behavioural point of view. In this paper, the authors propose a method to weave scenario fragments based on security evaluation criteria into scenarios. The experiments showed that the weaving method led to a better scenario than the method involving writing or modifying the scenario with reference to security evaluation criteria.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
