Integrating privacy requirements considerations into a security requirements engineering method and tool
نویسندگان
چکیده
In this paper we examine a method for identifying privacy requirements within the context of a security requirements engineering method. We briefly describe the security quality requirements engineering (SQUARE) methodology. Next we discuss our definition of privacy and the associated privacy concerns. We discuss the challenges of privacy requirements engineering and the need for incorporating privacy considerations into security requirements engineering approaches. We describe a novel modification to the SQUARE method and tool to incorporate privacy considerations, and identify future work that will lead to a more integrated method for security and privacy requirements engineering.
منابع مشابه
Pris Tool: A Case Tool For Privacy-Oriented Requirements Engineering
PriS is a security and privacy requirements engineering method which aims on incorporating privacy requirements early in the system development process. Specifically, PriS provides a set of concepts for modelling privacy requirements in the organisation domain and a systematic way-of-working for translating these requirements into system models. In this paper we present the PriS conceptual fram...
متن کاملA Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications
Smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. Smart grid needs live power consumption monitoring to provide required services and for this issue, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of s...
متن کاملSecurity and Privacy Requirements Engineering
Security requirements engineering identifies security risks in software in the early stages of the development cycle. In this chapter, the authors present the SQUARE security requirements method. They integrate privacy requirements into SQUARE to identify privacy risks in addition to security risks. They then present a privacy elicitation technique and subsequently combine security risk assessm...
متن کاملCombining Privacy and Security Risk Assessment in Security Quality Requirements Engineering
Security risk assessment identifies the threats to systems, while privacy risk assessment identifies data sensitivities in systems. The Security Quality Requirements Engineering (SQUARE) method is used to identify software security issues in the early stages of the development lifecycle. We propose combining the existing security risk assessment techniques in SQAURE with the Privacy Impact Asse...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJIPSI
دوره 1 شماره
صفحات -
تاریخ انتشار 2011