The Open UniversitySkip to content

The Effect of trust assumptions on the elaboration of security requirements

Haley, Charles B.; Laney, Robin C.; Moffett, Jonathan D. and Nuseibeh, Bashar (2004). The Effect of trust assumptions on the elaboration of security requirements. In: 12th IEEE International Requirements Engineering Conference (RE'04), 6-10 Sep 2004, Kyoto, Japan.

DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


Assumptions are frequently made during requirements analysis of a system-to-be about the trustworthiness of its various components (including human components). These trust assumptions can affect the scope of the analysis, derivation of security requirements, and in some cases how functionality is realized. This paper presents trust assumptions in the context of analysis of security requirements. A running example shows how trust assumptions can be used by a requirements engineer to help define and limit the scope of analysis and to document the decisions made during the process. The paper concludes with a case study examining the impact of trust assumptions on software that uses the Secure Electronic Transaction (SET) specification.

Item Type: Conference or Workshop Item
Extra Information: RE 04 received 99 full research papers and accepted 27. It is the main international conference in the field of requirements engineering.
Keywords: security requirements; trust assumptions; problem frames
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
Item ID: 3276
Depositing User: Robin Laney
Date Deposited: 03 Jul 2006
Last Modified: 07 Dec 2018 08:54
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU