The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Security Requirements Engineering for Evolving Software Systems: A Survey
|
|
Author(s): Armstrong Nhlabatsi (The Open University, UK), Bashar Nuseibeh (Lero, Ireland & The Open University, UK) and Yijun Yu (The Open University, UK)
Copyright: 2010
Volume: 1
Issue: 1
Pages: 20
Source title:
International Journal of Secure Software Engineering (IJSSE)
Editor(s)-in-Chief: Florian Kerschbaum (SAP Research Karlsruhe, Germany), Jean-Noël Colin (University of Namur), Lei Wu (University of Houston), Narendra Gangavarapu (RailCorp), M. A. Rashid (Massey University), Sjouke Mauw (University of Luxembourg), Frédéric Cuppens, Jun Han (Swinburne University of Technology), Jan Jurjens (Dortmund University), Konstantin Beznosov (University of British Columbia), Qutaibah Malluhi (Qatar University), Riccardo Scandariato (Katholieke Universiteit Leuven), Denivaldo Lopes (Federal University of Maranhão), Wes Wassim Masri (American University of Beirut), Yun Bai (University of Western Sydney), Fabio Martinelli (Consiglio Nazionale delle Ricerche), Randy Smith (University of Alabama), Panagiotis Trimintzios (European Network and Information Security Agency), Bashar Nuseibeh (The Open University), Raimundas Matulevicius (University of Tartu), Lillian Røstad (Norwegian University of Science and Technology), Muthu Ramachandran (Leeds Metropolitan University), Martin Gilje Jaatun (SINTEF ICT), Vitus Lam (University of Hong Kong), Mohammad Zulkernine (Queens University, Kingston), Joseph Barjis (Delft University of Technology), George Yee (Carleton University, Canada), Nahid Shahmehri (Linkopings Universitet), Kendra Cooper (The University of Texas at Dallas), Samuel Redwine Jr. (James Madison University), Dongwan Shin (New Mexico Tech), Herve Debar (France Telecom R & D), Rafael Accorsi (Albert-Ludwigs-Universität Freiburg), Hossain Mohammad Shahriar (, Queen’s University, Kingston, Canada), Ana Cavalli (TELECOM & Management SudParis), Torbjorn Skramstad (Norwegian University of Science and Technology), Edgar Weippl (Secure Business Austria - Security Research), Ty Mey Eap (Simon Fraser University Surrey), Frank Piessens (Katholieke Universiteit Leuven), Yan Zhang (University of Western Sydney), Per Håkon Meland (SINTEF), Amel Mammar (Institut Télécom / Telecom SudParis), Nancy R. Mead (Carnegie Mellon University), Gregorio Martinez (University of Murcia), Jong Hyuk Park, Munawar Hafiz (University of Illinois at Urbana-Champaign) and Khaled M. Khan (Qatar University, Qatar)
DOI: 10.4018/jsse.2010102004
ISSN: 1947-3036
EISSN: 1947-3044
Purchase
|
Abstract
Long-lived software systems often undergo evolution over an extended period. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and introduction of novel technologies. Such evolution may involve changes that add, remove, or modify features; or that migrate the system from one operating platform to another. These changes may result in requirements that were satisfied in a previous release of a system not being satisfied in subsequent versions. When evolutionary changes violate security requirements, a system may be left vulnerable to attacks. In this article we review current approaches to security requirements engineering and conclude that they lack explicit support for managing the effects of software evolution. We then suggest that a cross fertilization of the areas of software evolution and security engineering would address the problem of maintaining compliance to security requirements of software systems as they evolve.
Related Content
|
On the Design of a Knowledge Management System for Incremental Process Improvement for Software Product Management
Kevin Vlaanderen, Sjaak Brinkkemper and Inge van de Weerd
(2012).
International Journal of Information System Modeling and Design
(pp. 46-66).
View Details
View Sample PDF
|
|
Integrating Semantic Web and Software Agents: Exchanging RIF and BDI Rules
Yiwei Gong, Sietse Overbeek and Marijn Janssen
(2011).
International Journal of Systems and Service-Oriented Engineering
(pp. 60-76).
View Details
View Sample PDF
|
|
Interactive Analysis of Agent-Goal Models in Enterprise Modeling
Jennifer Horkoff and Eric Yu
(2010).
International Journal of Information System Modeling and Design
(pp. 1-23).
View Details
View Sample PDF
|
|
Knowledge Extraction from a Computational Consumer Model Based on Questionnaire Data Observed in Retail Service
Tsukasa Ishigaki, Yoichi Motomura, Masako Dohi, Makiko Kouchi and Masaaki Mochimaru
(2010).
International Journal of Systems and Service-Oriented Engineering
(pp. 40-54).
View Details
View Sample PDF
|
|
Execution Management for Mobile Service-Oriented Environments
Kleopatra G. Konstanteli, Tom Kirkham, Julian Gallop, Brian Matthews, Ian Johnson, Magdalini Kardara and Theodora Varvarigou
(2010).
International Journal of Systems and Service-Oriented Engineering
(pp. 39-59).
View Details
View Sample PDF
|
|
|