Security Requirements Engineering is emerging as a branch of Software Engineering, spurred by the realization that security must be dealt with early on during the requirements phase. We propose ST-Tool, a CASE tool developed for modeling and analyzing functional and security requirements. 1
|
5825
|
Introduction to Algorithms
– Cormen, Leiserson, et al.
- 1992
|
|
1009
|
editors. Foundations of Databases
– Abiteboul, Hull, et al.
- 1995
|
|
507
|
A note on two problems in connection with graphs
– Dijkstra
- 1959
|
|
356
|
Software Engineering
– Sommerville
- 1992
|
|
292
|
Goal-Directed Requirements Acquisition
– Dardenne, Lamsweerde, et al.
- 1993
|
|
251
|
Security Engineering: A Guide to Building Dependable Distributed Systems
– Anderson
- 2001
|
|
179
|
Security-Control Methods for Statistical Databases
– Adam, Wortmann
- 1989
|
|
148
|
Tropos: An agent-oriented software development methodology. Autonomous Agents and Multi-Agent Systems
– Bresciani, Perini, et al.
|
|
141
|
Flexible Support for Multiple Access Control Policies
– Jajodia, Samarati, et al.
- 2001
|
|
119
|
Towards requirements-driven information systems engineering: the tropos project
– Castro, Kolp, et al.
|
|
108
|
Delegation logic: A logic-based approach to distributed authorization
– Li, Grosof, et al.
- 2003
|
|
99
|
Hippocratic databases
– Agrawal, Kiernan, et al.
- 2002
|
|
98
|
Information sharing across private databases
– Agrawal, Evfimievski, et al.
- 2003
|
|
67
|
Model Checking Early Requirements Specifications in Tropos
– Fuxman, Pistore, et al.
- 2001
|
|
66
|
Secure Systems Development with UML
– Jürjens
- 2004
|
|
66
|
Software engineering for security: A roadmap
– Devanbu, Stubblebine
- 2000
|
|
64
|
A security policy model for clinical information systems
– Anderson
- 1996
|
|
61
|
SecureUML: A UML-Based Modeling Language for Model-Driven Security
– Lodderstedt, Basin, et al.
- 2002
|
|
61
|
The platform for enterprise privacy practices – privacy-enabled management of customer data
– Karjoth, Schunter, et al.
|
|
60
|
RT: A role-based trust-management framework
– Li, Mitchell
- 2003
|
|
56
|
Directed hypergraphs and applications
– Gallo, Longo, et al.
- 1993
|
|
53
|
Computationally related problems
– Sahni
- 1974
|
|
53
|
Trust and the Virtual Organization
– HANDY
- 1995
|
|
51
|
Limiting the disclosure of access control policies during automated trust negotiation
– Seamons, Winslet, et al.
- 2001
|
|
47
|
Problem Solving Methods
– Nilsson
- 1971
|
|
46
|
Eliciting Security Requirements by Misuse Cases
– Sindre, Opdahl
- 2000
|
|
45
|
2003a. Datalog with constraints: A foundation for trust management languages
– LI, MITCHELL
|
|
43
|
Dealing with nonfunctional requirements: three experimental studies of a process-oriented approach
– Chung, Nixon
- 1995
|
|
42
|
Reasoning with goal models
– Giorgini, Mylopoulos, et al.
|
|
40
|
M.: Monitoring teams by overhearing: A multi-agent plan-recognition approach
– Kaminka, Pynadath, et al.
- 2002
|
|
39
|
Using Abuse Case Models for Security Requirements Analysis
– McDermott, Fox
- 1999
|
|
39
|
Security and Privacy Requirements Analysis within a Social Setting
– Liu, Yu, et al.
- 2003
|
|
38
|
Shadbolt: Developing an integrated trust and reputation model for open multi-agent systems
– Huynh, Jennings, et al.
- 2004
|
|
38
|
The Platform for
– Cranor, Langheinrich, et al.
- 2002
|
|
28
|
Analyzing security requirements as relationships among strategic actors
– Liu, Yu, et al.
- 2002
|
|
27
|
Limiting Disclosure in Hippocratic Databases
– Lefevre, Agrawal, et al.
- 2004
|
|
25
|
Additive and/or graphs
– Martelli, Montanari
- 1973
|
|
24
|
Simple and minimum-cost satisfiability for goal models
– Sebastiani, Giorgini, et al.
- 2004
|
|
24
|
A toolkit for managing enterprise privacy policies
– Backes, Pfitzmann, et al.
- 2003
|
|
23
|
Requirements engineering meets trust management: Model, methodology, and reasoning
– GIORGINI, MASSACCI, et al.
- 2004
|
|
23
|
Protecting Privacy during On-line Trust Negotiation
– Seamons, Winslett, et al.
- 2002
|
|
23
|
Web Services and Business Transactions
– Papazoglou
- 2003
|
|
22
|
Modeling Security Requirements Through Ownership, Permission and Delegation
– Giorgini, Massacci, et al.
- 2005
|
|
19
|
Security requirements engineering: When anti-requirements hit the fan
– Crook, Ince, et al.
- 2002
|
|
19
|
An admissible and optimal algorithm for searching and/or graphs
– Chang, Slagle
- 1971
|
|
18
|
From System Goals to Intruder Anti-Goals: Attack Generation and Resolution for Security Requirements Engineering
– Lamsweerde, Brohez, et al.
- 2003
|
|
18
|
Aggregate functions in disjunctive logic programming: Semantics, complexity, and implementation in DLV
– Dell’Armi, Faber, et al.
- 2003
|
|
17
|
Formal reasoning techniques for goal models
– Giorgini, Mylopoulos, et al.
- 2003
|
|
17
|
Beyond proof-of-compliance: Safety and availability analysis in trust management
– Li, Winsborough, et al.
- 2003
|
|
17
|
Designing for privacy and other competing requirements
– Yu, Cysneiros
- 2002
|
