Show simple item record

dc.rights.licenseAtribución-NoComercial 4.0 Internacional
dc.contributor.authorCalderón C., Marta E.
dc.date.accessioned2019-06-25T22:35:31Z
dc.date.available2019-06-25T22:35:31Z
dc.date.issued2007
dc.identifier.urihttps://repositorio.unal.edu.co/handle/unal/24281
dc.description.abstractSoftware security is a major concern of software engineers. Security requirements must be taken into account early in the software development process. The goal of this paper is to present a taxonomy of software security requirements. Such a taxonomy is useful because it serves as an educational tool, can be used as a checklist and as a guide to eliciting software security requirements, can help in creating a software security policy, and can guide early preventive decisions. It is generally accepted that security is the combination of three attributes: integrity, availability, and confidentiality. Non-repudiation is also an important software security property. The taxonomy is based on these four concepts and is a two-level hierarchy, in which the first-level categories are integrity requirements, availability requirements, confidentiality requirements, and non-repudiation requirements. We use this primary classification because software engineers and users can easily understand the concepts of availability, integrity, confidentiality, and non-repudiation and relate them to functional requirements. To apply the taxonomy, a four-step process is proposed: 1) identify functional requirements, 2) identify assets to be protected, 3) identify threats to the assets, and 4) define software security requirements. To show how to use the taxonomy, an electronic commerce application is used.
dc.format.mimetypeapplication/pdf
dc.language.isospa
dc.publisherUniversidad Nacional de Colombia -Sede Medellín
dc.relationhttp://revistas.unal.edu.co/index.php/avances/article/view/9923
dc.relation.ispartofUniversidad Nacional de Colombia Revistas electrónicas UN Avances en Sistemas e Informática
dc.relation.ispartofAvances en Sistemas e Informática
dc.relation.ispartofseriesAvances en Sistemas e Informática; Vol. 4, núm. 3 (2007) Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) 1909-0056 1657-7663
dc.rightsDerechos reservados - Universidad Nacional de Colombia
dc.rights.urihttp://creativecommons.org/licenses/by-nc/4.0/
dc.titleA taxonomy of software security requirements
dc.typeArtículo de revista
dc.type.driverinfo:eu-repo/semantics/article
dc.type.versioninfo:eu-repo/semantics/publishedVersion
dc.identifier.eprintshttp://bdigital.unal.edu.co/15318/
dc.relation.referencesCalderón C., Marta E. (2007) A taxonomy of software security requirements. Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) Avances en Sistemas e Informática; Vol. 4, núm. 3 (2007) 1909-0056 1657-7663 .
dc.rights.accessrightsinfo:eu-repo/semantics/openAccess
dc.subject.proposalSecurity
dc.subject.proposalSoftware Security
dc.subject.proposalSecurity Requirements
dc.subject.proposalIntegrity
dc.subject.proposalAvailability
dc.subject.proposalConfidentiality.
dc.type.coarhttp://purl.org/coar/resource_type/c_6501
dc.type.coarversionhttp://purl.org/coar/version/c_970fb48d4fbd8a85
dc.type.contentText
dc.type.redcolhttp://purl.org/redcol/resource_type/ART
oaire.accessrightshttp://purl.org/coar/access_right/c_abf2



Atribución-NoComercial 4.0 Internacional. This work is licensed under a Creative Commons Reconocimiento-NoComercial 4.0. This document has been deposited by the author(s) under the following certificate of deposit