Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
453566 | Computer Standards & Interfaces | 2007 | 10 Pages |
Abstract
In order to develop security critical Information Systems, specifying security quality requirements is vitally important, although it is a very difficult task. Fortunately, there are several security standards, like the Common Criteria (ISO/IEC 15408), which help us handle security requirements. This article will present a Common Criteria centred and reuse-based process that deals with security requirements at the early stages of software development in a systematic and intuitive way, by providing a security resources repository as well as integrating the Common Criteria into the software lifecycle, so that it unifies the concepts of requirements engineering and security engineering.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Daniel Mellado, Eduardo Fernández-Medina, Mario Piattini,