Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology

Vasiliki Diamantopoulou, Haralambos Mouratidis

Research output: Contribution to journalArticle

Abstract

Purpose: The purpose of this study is the analysis of a security and privacy requirements engineering methodology. Such methodologies are considered an important part of systems’ development process when they contain and process a large amount of critical information, and thus need to remain secure and ensure privacy. Design/methodology/approach: These methodologies provide techniques, methods and norms for tackling security and privacy issues in information systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, as the produced models are used not only among IT experts or among security specialists but also for communication among various stakeholders, in business environments or among novices in an academic environment. Findings: The qualitative analysis revealed a partial satisfaction of these principles. Originality/value: This paper evaluates the effectiveness of a security and privacy requirements engineering methodology, namely, Secure Tropos, on the nine principles of the theory of notation.

Original languageEnglish
Pages (from-to)382-400
Number of pages19
JournalInformation and Computer Security
Volume26
Issue number4
DOIs
Publication statusPublished - 8 Oct 2018

Keywords

  • Computer privacy
  • Evaluation
  • Information security modelling
  • Physics of notation
  • Privacy requirements engineering
  • Security requirements engineering

Fingerprint Dive into the research topics of 'Applying the physics of notation to the evaluation of a security and privacy requirements engineering methodology'. Together they form a unique fingerprint.

  • Cite this