期刊文献+

软件安全性需求提取方法研究综述 被引量:4

A Review of the Methods of Software Security Requirements Specification
下载PDF
导出
摘要 安全性需求的提取是确保软件安全的关键。介绍了安全性需求的定义、目的以及种类,研究了当今主要的安全性需求提取方法,指出了未来安全性需求研究的重点和发展方向。 The specification of security requirements is central to software security. This paper describes the definition, the objective and the classification of security requirements, and the major methods and techniques of specifying security requirements currently used. It then analyzes the strengths as well as the weaknesses of these methods and their scope of application. In the end the future trend of the research on security requirements is put forward in this paper.
出处 《指挥信息系统与技术》 2011年第1期6-10,共5页 Command Information System and Technology
关键词 软件安全性需求 软件安全性需求提取 软件需求分析 software security requirements security requirements specification software requirements analysis
  • 相关文献

参考文献22

  • 1Guttman B.An introduction to computer security:the NIST handbook. http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf . 2010
  • 2Hallberg N,Hallberg J.The Usage-centric Security Requirements engineering(USeR)method. Information Assurance Workshop . 2006
  • 3G. Sindre,A. L. Opdahl.Eliciting security requirements by misuse cases. 37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-Pacific 2000) . 2000
  • 4information technology-secu-rity techniques-evaluation criteria for IT security-Part1:introduction and general model. ISO/IEC15408-1:2005 . 2010
  • 5Schneier B.Secrets and Lies: Digital Security in a Networked World. . 2000
  • 6Sindre G,Firesmith D G,Opdahl A L.A reuse-based approach to determining security requirements. http://citeseerx.ist.psu.edu/viewdoc/download doi=10.1.1.14.2904&rep=rep1&type=pdf . 2010
  • 7Pauli J J,Xu Dian-xiang.Misuse case-based design and analysis of secure software architecture. International Conference on Informa-tion Technology Coding and Computing(ITCC’05) . 2005
  • 8Rushby J.Security requirements specifications:how and what. http://www.csl.sri.com/users/rushby/papers/sreis01.ps.gz . 2010
  • 9Saeki M,Kaiya H.Using common criteria as reusable knowledge in security requirements elicitation. http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-413/paper09.pdf . 2010
  • 10Edward G Amoroso.Fundamentals of computer security tech-nology. . 1994

同被引文献22

引证文献4

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部