A Web User Interface of the Security Requirement Management Database Based on ISO/IEC 15408

  • Daisuke Horie
  • Shoichi Morimoto
  • Jingde Cheng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3994)


In order to support design and development of secure information systems, we have proposed a security requirement management database based on the international standard ISO/IEC 15408. Design and development of secure information systems concern issues of information security engineering as well as software engineering. Our security requirement management database will be useful in practices only if we can provide its users with a highly usable user interface. This paper presents the design and development of a web user interface of our security requirement management database. We analyze and define usability requirements that the database should satisfy, present design and implementation of the web user interface, and show some examples for evaluating the interface from the viewpoint of usability engineering.


User Interface Usability Engineering Security Function Heuristic Evaluation Security Objective 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Advanced Information Systems Engineering Laboratory, Saitama University: ISEDS: Information Security Engineering Database System, http://www.aise.ics.saitama-u.ac.jp/
  2. 2.
    Chen, P.: The Entity-Relationship Model - Toward a Unified View of Data. ACM Transactions on Database Systems (TODS) 1(1), 9–36 (1976)CrossRefGoogle Scholar
  3. 3.
    International Software Benchmarking Standard Group: Empirical Databases of Metrics Collected from Software Projects, http://www.isbsg.org/
  4. 4.
    ISO 9241-11 standard.: Ergonomic Requirements for Office Work with Visual Display Terminals – Part 11: Guidance on Usability (1998)Google Scholar
  5. 5.
    ISO/IEC 15408 standard.: Information Technology - Security Techniques - Evaluation Criteria for IT Security (1999)Google Scholar
  6. 6.
    Jiao, J., Tseng, M.: A Requirement Management Database System for Product Definition. Journal of Integrated Manufacturing Systems 10(3), 146–154 (1999)CrossRefGoogle Scholar
  7. 7.
    Morimoto, S., Horie, D., Cheng, J.: A Security Requirement Management Database Based on ISO/IEC 15408. In: Gavrilova, M.L., Gervasi, O., Kumar, V., Tan, C.J.K., Taniar, D., Laganá, A., Mun, Y., Choo, H. (eds.) ICCSA 2006. LNCS, vol. 3982, pp. 1–10. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Nielsen, J., Molich, R.: Heuristic Evaluation of User Interfaces. In: Proceedings of the SIGCHI conference on Human factors in computing systems: Empowering people, Seattle, WA, April 1990, pp. 249–256 (1990)Google Scholar
  9. 9.
    Software Engineering Institute.: Software Engineering Information Repository, http://seir.sei.cmu.edu/large

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Daisuke Horie
    • 1
  • Shoichi Morimoto
    • 1
  • Jingde Cheng
    • 1
  1. 1.Department of Information and Computer SciencesSaitama UniversitySaitamaJapan

Personalised recommendations