Mostrar el registro sencillo del documento
A taxonomy of software security requirements
dc.rights.license | Atribución-NoComercial 4.0 Internacional |
dc.contributor.author | Calderón C., Marta E. |
dc.date.accessioned | 2019-06-25T22:35:31Z |
dc.date.available | 2019-06-25T22:35:31Z |
dc.date.issued | 2007 |
dc.identifier.uri | https://repositorio.unal.edu.co/handle/unal/24281 |
dc.description.abstract | Software security is a major concern of software engineer s. Security requirements must be taken in account early in the software development process. The goal of this paper is to present a taxonomy of software security requirements. Such a taxonomy is useful because it servers as an educational tool, can be used as a check list and as a guide to eliciting software security requirements, can help to creating a software security policy, and can guide to taking early preventive decisions. It is generally accepted that security is the combination of three attributes: integrity, availability, and confidentiality. Non-repudiation is also an important software security property. The taxonomy is based on the four concepts and is a two-level hierarchy, in which the first level categories are integrity requirements, availability requirements, confidentiality requirements and non-repudiation requirements. We use this primary classification because software engineers and user s can easily under stand the concepts of availability, integrity, confidentiality, and non-repudiation and r elate them to functional requirements. To apply the taxonomy, a four step process is proposed: 1) identify functional requirements, 2)identify assets to be protected, 3) identify threats to the assets, and 4) define software security requirements. To show how to use the taxonomy, an electronic commerce application is used. |
dc.format.mimetype | application/pdf |
dc.language.iso | spa |
dc.publisher | Universidad Nacional de Colombia -Sede Medellín |
dc.relation | http://revistas.unal.edu.co/index.php/avances/article/view/9923 |
dc.relation.ispartof | Universidad Nacional de Colombia Revistas electrónicas UN Avances en Sistemas e Informática |
dc.relation.ispartof | Avances en Sistemas e Informática |
dc.relation.ispartofseries | Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) 1909-0056 1657-7663 |
dc.rights | Derechos reservados - Universidad Nacional de Colombia |
dc.rights.uri | http://creativecommons.org/licenses/by-nc/4.0/ |
dc.title | A taxonomy of software security requirements |
dc.type | Artículo de revista |
dc.type.driver | info:eu-repo/semantics/article |
dc.type.version | info:eu-repo/semantics/publishedVersion |
dc.identifier.eprints | http://bdigital.unal.edu.co/15318/ |
dc.relation.references | Calderón C., Marta E. (2007) A taxonomy of software security requirements. Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) 1909-0056 1657-7663 . |
dc.rights.accessrights | info:eu-repo/semantics/openAccess |
dc.subject.proposal | Security |
dc.subject.proposal | Software Security |
dc.subject.proposal | Security Requirements |
dc.subject.proposal | Integrity |
dc.subject.proposal | Availability |
dc.subject.proposal | Confidentiality. |
dc.type.coar | http://purl.org/coar/resource_type/c_6501 |
dc.type.coarversion | http://purl.org/coar/version/c_970fb48d4fbd8a85 |
dc.type.content | Text |
dc.type.redcol | http://purl.org/redcol/resource_type/ART |
oaire.accessrights | http://purl.org/coar/access_right/c_abf2 |
Archivos en el documento
Este documento aparece en la(s) siguiente(s) colección(ones)
Esta obra está bajo licencia internacional Creative Commons Reconocimiento-NoComercial 4.0.Este documento ha sido depositado por parte de el(los) autor(es) bajo la siguiente constancia de depósito