Date Added: Jan 2010
Access protection is an important requirement for systems, which handle confidential data. This paper describes an approach for the requirements engineering of an access protection using the example of an open system. A major problem of open systems is that many users with different roles access it. Moreover, the open system is connected to the Internet and has ports for connecting hardware like an external storage medium. Therefore, it is easy to steal or misuse confidential data from open systems if access protection is not existent. First, the authors used Task and Object-Oriented Requirements Engineering (TORE) in order to specify functional requirements on the access protection.