Visible to the public Security Requirements Patterns: Understanding the Science Behind the Art of Pattern WritingConflict Detection Enabled

TitleSecurity Requirements Patterns: Understanding the Science Behind the Art of Pattern Writing
Publication TypeConference Proceedings
Year of Publication2012
AuthorsMaria Riaz, Laurie Williams
Conference Name2012 Second IEEE International Workshop on Requirements Patterns (RePa)
Date Published09/2012
PublisherIEEE
Conference LocationChicago, IL
ISBN978-1-4673-4376-3
KeywordsCMU, Empirical Development of Patterns, security requirements patterns, Software patterns
Abstract

Security requirements engineering ideally combines expertise in software security with proficiency in requirements engineering to provide a foundation for developing secure systems. However, security requirements are often inadequately understood and improperly specified, often due to lack of security expertise and a lack of emphasis on security during early stages of system development. Software systems often have common and recurrent security requirements in addition to system-specific security needs. Security requirements patterns can provide a means of capturing common security requirements while documenting the context in which a requirement manifests itself and the tradeoffs involved. The objective of this paper is to aid in understanding of the process for pattern development and provide considerations for writing effective security requirements patterns. We analyzed existing literature on software patterns, problem solving and cognition to outline the process for developing software patterns. We also reviewed strategies for specifying reusable security requirements and security requirements patterns. Our proposed considerations can aid pattern writers in capturing necessary contextual information when documenting security requirements patterns to facilitate application and integration of security requirements.

DOI10.1109/RePa.2012.6359977
Citation Keynode-30188