计算机应用与软件2013,Vol.30Issue(2):216-220,5.DOI:10.3969/j.issn.1000-386x.2013.02.057
安全需求工程研究综述
A SURVEY ON SECURITY REQUIREMENTS ENGINEERING RESEARCH
摘要
Abstract
Security requirements engineering (SRE) is gradually becoming one of the research focuses in software engineering in recent years. The return on investment will be 12% -21% higher when introducing the security analysis techniques and security engineering practice in early phase of the development cycle than in the phase of application designs. In this paper, the development processes and major research activities of SRE are summarised, relevant definitions of SRE are reviewed, and several classical SRE frameworks are analysed. Two i-deas of SRE research are presented based on the summarisation of current SRE research activities, and the research advancements on SRE are introduced from six aspects subsequently. In addition, the shortcomings of SRE research are discussed as well. As the conclusion of the paper, some most promising directions of SRE development are pointed out.关键词
安全需求/安全需求工程/安全需求获取/安全需求分析/安全需求建模/模型检测/风险评估Key words
Security requirements Security requirements engineering Security requirements eliciting Security requirements analysing Security requirements modelling/Model checking/Risk assessing分类
信息技术与安全科学引用本文复制引用
汪北阳..安全需求工程研究综述[J].计算机应用与软件,2013,30(2):216-220,5.基金项目
国家重点基础研究发展计划项目(2007CB310805). (2007CB310805)
