Security Requirements – Analysis of the Issue

Jhon Vincent
2013 Revista Antioqueña de las Ciencias Computacionales y la Ingeniería de Software (RACCIS)  
Needs about security are matters little taken into account when managing requirements engineering , and when considered in the life cycle of the system , they tend to become a general list of functions, as password of protection , firewalls , virus detection tools , and other similar. But in fact, they cannot be considered as requirements of security, because they are implementation mechanisms to try to meet unspecified requirements, as an authenticated access. As a result, the security
more » ... ents for the system are ignored, which are required to protect essential services and assets, besides, when are specified, is not considered the prospect of future attacks. This paper describes the need for a systematic approach to managing security requirements engineering, in order to help avoid the problem of generic lists and take into account the future perspective. Several related approaches are described and also are provided references additional material that can help requirements engineers to ensure that their products be taken into account, effectively , the security requirements.
doaj:8f3eb9a83d4e4080bc428a984b89a3bd fatcat:xvtvl7vxq5h55lnctodiufspby