Skip to main content
ArticleOPEN ACCESS

Engineering security requirements

Journal of Object Technology
DOI: 10.5381/jot.2003.2.1.c6
186Citations
Citations of this article
115Readers
Mendeley users who have this article in their library.

Abstract

Most requirements engineers are poorly trained to elicit, analyze, and specify security requirements, often confusing them with the architectural security mechanisms that are traditionally used to fulfill them. They thus end up specifying architecture and design constraints rather than true security requirements. This article defines the different types of security requirements and provides associated examples and guildlines with the intent of enabling requirements engineers to adequately specify security requirements without unnecessarily constraining the security and architecture teams from using the most appropriate security mechanisms for the job.

Cite

CITATION STYLE

APA

Firesmith, D. G. (2003). Engineering security requirements. Journal of Object Technology. Journal of Object Technology. https://doi.org/10.5381/jot.2003.2.1.c6

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free