Security requirements engineering for e-government applications: Analysis of current frameworks

Abstract

The need for keeping information secure is increasingly important in modern e-business, e-commerce, and e-government environments. This holds because personally identifiable information can be electronically transmitted and disseminated over insecure open networks and the Internet. Security and privacy constitute the basic foundations of a trust framework, which composes a sine qua non condition for Information Societies. Requirements engineering (RE) is the principled application of proven methods and tools, which can design this trust framework effectively, in all aspects of modern e-Government applications considering the directives described in the e-Europe Initiative. This paper describes a number of well-known RE frameworks developed for eliciting and managing security requirements (SR). It also presents a comparative analysis of existing frameworks from a number of complementary viewpoints. Based on the results of this analysis it identifies a number of unresolved issues that need to be addressed by research in the SR field. © Springer-Verlag Berlin Heidelberg 2004.