Sciweavers

CSI
2007

A common criteria based security requirements engineering process for the development of secure information systems

13 years 5 months ago
A common criteria based security requirements engineering process for the development of secure information systems
In order to develop security critical Information Systems, specifying security quality requirements is vitally important, although it is a very difficult task. Fortunately, there are several security standards, like the Common Criteria (ISO/IEC 15408), which help us handle security requirements. This article will present a Common Criteria centred and reuse-based process that deals with security requirements at the early stages of software development in a systematic and intuitive way, by providing a security resources repository as well as integrating the Common Criteria into the software lifecycle, so that it unifies the concepts of requirements engineering and security engineering. © 2006 Elsevier B.V. All rights reserved.
Daniel Mellado, Eduardo Fernández-Medina, M
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2007
Where CSI
Authors Daniel Mellado, Eduardo Fernández-Medina, Mario Piattini
Comments (0)