Security Requirements Engineering: The SI* Modeling Language and the Secure Tropos Methodology

Date Added: May 2009
Format: PDF

Security Requirements Engineering is an emerging field which lies at the crossroads of Security and Software Engineering. Much research has focused on this field in recent years, spurred by the realization that security must be dealt with in the earliest phases of the software development process as these phases cover a broader organizational perspective. Agent-oriented methodologies have proved to be especially useful in this setting as they support the modeling of the social context in which the system-to-be will operate. In the authors' previous work, they proposed the SI modeling language to deal with security and trust, and the Secure Tropos methodology for designing secure software systems.