Output details
11 - Computer Science and Informatics
University of East London
Eliciting security requirements and tracing them to design: an integration of Common Criteria, heuristics, and UMLsec
<10>This work is developed by a joint effort of academic and industrial partners. It tackles the problem of understanding security from functional requirements perspective and designing the system considering security. The work presents a security requirements engineering methodology, called SecReq, which supports identification and refinement of security-related issues guided by the security standard ISO 15408:2007 Common Criteria, and traces them into UML design models. The work presents an industry study Internet Protocol Television (IPTV). IPTV specific security requirements and secure design artifacts by the SecReq method gained recognition from the European Telecommunications Standards Institute (ETSI).