Progress in Informatics

	Online ISSN:1349-8606
Progress in Informatics
No5. March 2008
Page 19-34

Curriculum design and methodologies for security requirements analysis

Kenji TAGUCHI and Yasuyuki TAHARA

LINK [1] B. Boehm and V. R. Basili, “Software Defect Reduction Top 10 List,” IEEE Computer,vol. 34, no. 1, pp. 135-137, 2001.

LINK [2] S. Honiden, Y. Tahara, N. Yoshioka, K. Taguchi and H. Washizaki, “Top SE: Educating Superarchitects Who Can Apply Software Engineering Tools to Practical Development in Japan,”Proceedings of International Conference on Software Engineering (ICSE 2007), pp. 708-718, IEEE, 2007.

LINK [3] Top SE website, http://www.topse.jp.

LINK [4] P. Giorgini, F. Massacci, J. Mylopoulos, A. Siena and N. Zanneno, “ST-Tool: A CASE Tool for Modeling and Analyisng Trust Requirements,”Proceedings of the Third International Conference on Trust Management (iTrust 2005), LNCS,Spinger-Verlag, pp. 415-419, 2005.

LINK [5] T. Tsumaki, H. Kaiya, Y. Tahara, N. Yoshioka, K. Taguchi and S. Honiden, “Errors and Misconceptions in Learning i*,”Proceedings of the 2nd International Workshop on Requirements Engineering Education and Training (REET 2007), 2007.

LINK [6]D. Ferraiolo, R. Sandhu, S. Gavrila, D. Kuhn and R. Chandramouli, “Proposed NIST standard for role-based access control.”Proceeding of the NIST-NSA National Computer Security Conference,pp. 554-563, 1992.

LINK [7] A. Dardenne, A. van Lamsweerde and S. Fickas, “Goal-Directed Requirements Acquisition.” Science of Computer Programming,vol. 20, pp. 3-50, 1993.

LINK [8] A. van Lamsweerde, R. Darimont and P. Massonet, “Goal-Directed Elaboration of Requirements for a Meeting Scheduler: Problems and Lessons Learnt.”Proceedings of International Conference on Requirements Engineering (RE 1995), pp. 194-203, IEEE, 1995.

LINK [9] R. Darimont, E. Delor, P. Massonet and A. van Lamsweerde, “GRAIL/KAOS: An Environment for Goal-Driven Requirements Engineering,”Proceedings of International Conference on Software Engineering (ICSE 1998), pp. 612-613,IEEE, 1998.

LINK [10] A. van Lamsweerde, “Elaborating Security Requirements by Construction of Intentional Anti-Models,” Proceedings of International Conference on Software Engineering (ICSE 2004), pp. 148-157, IEEE, 2004.

LINK [11] A KAOS Tutorial, http://www.objectiver.com/. CEDITI sa, 2003.

LINK [12] I. Sommerville, Software Engineering,Addision-Wesley, 2005.

LINK [13] A. Schaad, J. Moffett and J. Jacob, “The Role-Based Access Control System of a European Bank: A Case Study and Discussion.”Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pp. 3-9, ACM, 2001.

LINK [14] J. S. Park, K. P. Costello, T. M.Neven and J. A. Diosomite, “A Composite RBAC Approach for Large, Complex Organizations,”Proceedings of the 9th ACM Symposium on Access Control Models and Technologies (SACMAT 2004), ACM, pp. 163-172, 2004.

LINK [15] D. F. Ferraiolo, D. R.Kuhn and R. Chandramouli, Role-Based Access Control.Artech House 2003.

LINK [16] T. Lodderstedt, D. Basin and J. Doser, “SecureUML: A UML-Based Modeling Language for Model-Driven Security,”Proceedings of 5th International Conference on the Unified Modeling Language (UML 2002), Springer, pp. 426-441, LNCS 2460, 2002.

LINK [17] D. Basin, J. Doser and T. Lodderstedt, Proceedings of 8th ACM Symposium on Access Control Models and Technologies (SACMAT 2003), pp. 100-109, ACM, 2003.

LINK [18] D-K. Kim, I. Ray, R. France and N. Li, “Modeling Role-Based Access Control Using Parameterized UML Models,”Proceedings of Fundamental Approaches to Software Engineering (FASE 2004), pp. 180-193, LNCS 2984, 2004.

LINK [19] P. Epstein and R. Sandhu, “Towards A UML Based Approach to Role Engineering,” Proceedings of 4th ACM Symposium on Role-Based Access Control (RBAC 1999), ACM, pp. 135-143, 1999.

LINK [20] Common criteria for information technology security evaluation part 1: Introduction and general model.http://www.commoncriteriaportal.org/public/developer/index.php?menu=2, Sep. 2006.

LINK [21] L. Liu, E. Yu,and J. Mylopoulos. “Security and privacy requirements analysis within a social setting”Proceedings of International Conference on Requirements Engineering (RE 2003), pp. 151-161, 2003.

LINK [22] M. Rausand and A. Høyland. System Reliability Theory; Models, Statistical Methods and Applications (Second Ed.) Wiley, 2004.

LINK [23] F. Redmill, M. Chudleigh, and J. Catmur. System Safety: HAZOP and Software HAZOP.John Wiley & Sons, 1999.

LINK [24] E. Yu. “Towards modeling and reasoning support for early-phase requirements engineering.”Proceedings of the3ed IEEE International Symposium on Requirements Engineering (RE 1997), pp. 226-235, 1997.