安全需求分析的课程设计和方法

... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing Pub Date : 2008-03-01 DOI:10.2201/NIIPI.2008.5.4

K. Taguchi, Yasuyuki Tahara

{"title":"安全需求分析的课程设计和方法","authors":"K. Taguchi, Yasuyuki Tahara","doi":"10.2201/NIIPI.2008.5.4","DOIUrl":null,"url":null,"abstract":"Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.","PeriodicalId":91638,"journal":{"name":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","volume":"104 1","pages":"19"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Curriculum design and methodologies for security requirements analysis\",\"authors\":\"K. Taguchi, Yasuyuki Tahara\",\"doi\":\"10.2201/NIIPI.2008.5.4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.\",\"PeriodicalId\":91638,\"journal\":{\"name\":\"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing\",\"volume\":\"104 1\",\"pages\":\"19\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2201/NIIPI.2008.5.4\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2201/NIIPI.2008.5.4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

缺乏安全性是影响信息系统的最普遍的问题之一。几乎每天都有公司的安全漏洞报告，计算机系统的用户忙于更新他们的计算机系统的安全漏洞。虽然这些问题有些是人为错误和物理设备故障造成的，但大多数是由于软件系统的缺陷造成的。减少它们的最好方法是在软件开发的早期阶段找到并修复它们，特别是在需求引出和分析阶段。在本文中，我们将介绍如何设计一个安全需求分析课程来解决这个问题。我们还将介绍基于KAOS和i*的代理和面向目标的需求分析方法的安全需求引出方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Curriculum design and methodologies for security requirements analysis

Lack of security is one of the most widespread problems affecting information systems. Security breaches at companies are reported almost everyday and users of computer systems are busy updating security of their computer system against vulnerabilities. While some of these problems are caused by human errors and faults of physical devices but the majority of them are due to the defects in software systems. The best way to reduce them is to find and fix them in an early stage of the software development, especially in the requirements elicitation and analysis phases. In this paper, we will present how we designed a security requirements analysis course to address this issue. We will also present security requirements elicitation methodologies based on the agentand goal-oriented requirements analysis methodologies of KAOS and i*.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

... Proceedings of the ... IEEE International Conference on Progress in Informatics and Computing. IEEE International Conference on Progress in Informatics and Computing

自引率

0.00%

发文量