Evaluation of a security and privacy requirements methodology using the physics of notation

Vasiliki Diamantopoulou, Michalis Pavlidis, Haralambos Mouratidis

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

Security and Privacy Requirements Methodologies are considered an important part of the development process of systems, especially for the ones that contain and process a large amount of critical information and inevitably needs to remain secure and thus, ensuring privacy. These methodologies provide techniques, methods, and norms for tackling security and privacy issues in Information Systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, since the produced models are used not only among IT experts or among security specialists, but also for communication among various stakeholders, in business environments or among novices in an academic environment. This paper evaluates the effectiveness of a Security and Privacy Requirements Engineering methodology, namely Secure Tropos on the nine principles of the Theory of Notation. Our qualitative analysis revealed a partial satisfaction of these principles.

Original languageEnglish
Title of host publicationComputer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers
EditorsJohn Mylopoulos, Costas Lambrinoudakis, Christos Kalloniatis, Frederic Cuppens, Nora Cuppens, Annie Anton, Sokratis K. Katsikas, Stefanos Gritzalis
Place of PublicationOslo, Norway
PublisherSpringer-Verlag
Pages210-225
Number of pages16
ISBN (Electronic)9783319728179
ISBN (Print)9783319728162
DOIs
Publication statusPublished - 22 Dec 2017
Event3rd Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2017, 1st International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, Both workshops were co-located with 22nd European Symposium on Research in Computer Security, ESORICS 2017 - Oslo, Norway
Duration: 14 Sep 201715 Sep 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10683 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Workshop

Workshop3rd Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2017, 1st International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, Both workshops were co-located with 22nd European Symposium on Research in Computer Security, ESORICS 2017
CountryNorway
CityOslo
Period14/09/1715/09/17

Bibliographical note

This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-72817-9_14

Keywords

  • Evaluation
  • Physics of notation
  • Privacy requirements engineering
  • Security requirements engineering

Fingerprint Dive into the research topics of 'Evaluation of a security and privacy requirements methodology using the physics of notation'. Together they form a unique fingerprint.

  • Cite this

    Diamantopoulou, V., Pavlidis, M., & Mouratidis, H. (2017). Evaluation of a security and privacy requirements methodology using the physics of notation. In J. Mylopoulos, C. Lambrinoudakis, C. Kalloniatis, F. Cuppens, N. Cuppens, A. Anton, S. K. Katsikas, & S. Gritzalis (Eds.), Computer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers (pp. 210-225). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10683 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-319-72817-9_14