Agile
Now Reading
Security Requirements Engineering
0

Security Requirements Engineering

by admin1201July 17, 2017

When security requirements are considered at all during the system life cycle, they tend to be general lists of security features such as password protection, firewalls, virus detection tools, and the like. These are, in fact, not security requirements at all but rather implementation mechanisms that are intended to satisfy unstated requirements, such as authenticated access. As a result, security requirements that are specific to the system and that provide for protection of essential services and assets are often neglected. In addition, the attacker perspective is not considered, with the result that security requirements, when they exist, are likely to be incomplete. We believe that a systematic approach to security requirements engineering will help to avoid the problem of generic lists of features and to take into account the attacker perspective. Several approaches to security requirements engineering are described here and references are provided for additional material that can help you ensure that your products effectively meet security requirements.

Please follow and like us:

http://www.modernanalyst.com/Resources/Articles/tabid/115/ID/3807/Security-Requirements-Engineering.aspx

About The Author
admin1201

Leave a Response