Crook, Robert; Ince, Darrel; Lin, Luncheng and Nuseibeh, Bashar
Security Requirements Engineering: when anti-requirements hit the fan.
In: Proc IEEE International Conference on Requirements Engineering, 8-13 Sept 2002, Germany.
Everyone agrees that security is a problem, ranging from
Microsoft to the banks that have been recent victims of
rogue traders. What is paradoxical is that there does not
seem to be a wholehearted commitment by both academics
and industry to treat this topic systematically at the top
level of requirements engineering. Our vision is of a future in which we inform the security requirements engineering process by organisational theory. This would act as the bridge between the well-ordered world of the software project informed by conventional requirements and the unexpected world of anti-requirements associated with the malicious user. We frame a vision for the requirements
engineering community that would involve the community
solving six difficult problems.
Actions (login may be required)