Requirements Engineering, Volume 21, Issue 2, pp 251–283

Reusable knowledge in security requirements engineering: a systematic mapping study

  • Amina Souag
  • Raúl Mazo
  • Camille Salinesi
  • Isabelle Comyn-Wattiau
Original Article

Abstract

Security is a concern that must be taken into consideration from the early stages of system development. Over the last two decades, researchers and engineers have developed a considerable number of methods for security requirements engineering, some of which rely on the (re)use of security knowledge. Despite existing surveys of security requirements engineering, there is not yet any reference for researchers and practitioners that systematically presents the proposals, techniques, and tools related to security knowledge reuse in security requirements engineering. The aim of this paper is to fill this gap by drawing a picture of the literature on knowledge and reuse in security requirements engineering. The questions we address concern methods, techniques, modeling frameworks, and tools for and by reuse in security requirements engineering. We address these questions through a systematic mapping study: a literature review conducted with the goal of identifying, analyzing, and categorizing state-of-the-art research on our topic. The mapping study analyzes more than thirty approaches, covering 20 years of research in security requirements engineering. The contributions can be summarized as follows: (1) a framework was defined for analyzing and comparing the different proposals and for categorizing future contributions related to knowledge reuse and security requirements engineering; (2) the different forms of knowledge representation and reuse were identified; and (3) previous surveys were updated. We conclude that most methods should introduce more reusable knowledge to manage security requirements.

Keywords

Reusability, Security requirements, Knowledge, Ontologies, Patterns, Templates

Copyright information

© Springer-Verlag London 2015

Authors and Affiliations

  • Amina Souag (1)
  • Raúl Mazo (1)
  • Camille Salinesi (1)
  • Isabelle Comyn-Wattiau (2)

  1. CRI, Panthéon Sorbonne University, Paris, France
  2. CEDRIC-CNAM & ESSEC Business School, Paris, France
