A Knowledge-Oriented Approach to Security Requirements Engineering for E-Voting System
نویسندگان
چکیده
In this paper, we introduce a knowledge-oriented approach for the Security Requirements Engineering phase for developing E-Voting System. The knowledge acquired through the process of eliciting and analyzing secure E-Voting System is represented in the form of UML models; which can be made available to future developers and the dependency towards security experts can be reduced. In this paper we present a set of security requirements and security requirements patterns that were developed based on the aforementioned approach. Security requirements for modelling have been identified by following the Model Oriented Security Requirements Engineering framework for web applications. The security requirements have been designed into security requirements patterns for creating security requirements ontology for an E-Voting System. The ontology allows all concepts of importance and their relationships to be identified. The paper also compares the approach with other relevant methods in the Security Requirements Engineering phase for developing secure applications.
منابع مشابه
Modeling Secure Systems Using an Agent-oriented Approach and Security Patterns
In this paper we describe an approach for modelling security issues in information systems. It is based on an agent-oriented approach, and extends it with the use of security patterns. Agent-oriented software engineering provides advantages when modeling security issues, since agents are often a natural way of conceptualizing an information system, in particular at the requirements stage, when ...
متن کاملAligning Service-Oriented Architectures with Security Requirements
Aligning requirements and architectures is a long-standing concern in software engineering. Alignment is crucial in the area of systems evolution, wherein requirements and system architectures keep changing after system deployment. We address a specific alignment problem, i.e., checking the compliance of a service-oriented architecture— representing a composite service—with security requirement...
متن کاملApplication of triangulation approach in requirements engineering process: A study in analysis and design of the pediatrics epilepsy information system
Introduction: Requirements Engineering process is a crucial phase in software development. In order to achieve a successful design of health information systems (HISs), applying the best methodologies is essential. Therefore, the aim of the present study was to design pediatrics Epilepsy Information System (EPIS) as well as the use of triangulation approach in elicitation and validation of epil...
متن کاملProtecting privacy in system design: the electronic voting case
Purpose – The purpose of the paper is to present Privacy Safeguard (PriS) a formal security requirements engineering methodology which, incorporates privacy requirements in the system design process and to demonstrate its applicability in an e-voting case. Design/methodology/approach – PriS provides a methodological framework for addressing privacy-related issues during system development. It p...
متن کاملA Framework for Combining Problem Frames and Goal Models to Support Context Analysis during Requirements Engineering
Quality requirements, like security requirements, are difficult to elicit, especially if they cross multiple domains. Understanding these domains is an important issue in the requirements engineering process for the corresponding systems. Well-known requirements engineering approaches, such as goal-oriented techniques provide a good starting point in capturing security requirements in the form ...
متن کامل