TY - GEN
T1 - Evaluation of a security and privacy requirements methodology using the physics of notation
AU - Diamantopoulou, Vasiliki
AU - Pavlidis, Michalis
AU - Mouratidis, Haralambos
N1 - This is a post-peer-review, pre-copyedit version of an article published in Lecture Notes in Computer Science. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-72817-9_14
PY - 2017/12/22
Y1 - 2017/12/22
N2 - Security and Privacy Requirements Methodologies are considered an important part of the development process of systems, especially for the ones that contain and process a large amount of critical information and inevitably needs to remain secure and thus, ensuring privacy. These methodologies provide techniques, methods, and norms for tackling security and privacy issues in Information Systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, since the produced models are used not only among IT experts or among security specialists, but also for communication among various stakeholders, in business environments or among novices in an academic environment. This paper evaluates the effectiveness of a Security and Privacy Requirements Engineering methodology, namely Secure Tropos on the nine principles of the Theory of Notation. Our qualitative analysis revealed a partial satisfaction of these principles.
AB - Security and Privacy Requirements Methodologies are considered an important part of the development process of systems, especially for the ones that contain and process a large amount of critical information and inevitably needs to remain secure and thus, ensuring privacy. These methodologies provide techniques, methods, and norms for tackling security and privacy issues in Information Systems. In this process, the utilisation of effective, clear and understandable modelling languages with sufficient notation is of utmost importance, since the produced models are used not only among IT experts or among security specialists, but also for communication among various stakeholders, in business environments or among novices in an academic environment. This paper evaluates the effectiveness of a Security and Privacy Requirements Engineering methodology, namely Secure Tropos on the nine principles of the Theory of Notation. Our qualitative analysis revealed a partial satisfaction of these principles.
KW - Evaluation
KW - Physics of notation
KW - Privacy requirements engineering
KW - Security requirements engineering
UR - http://www.scopus.com/inward/record.url?scp=85041538684&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-72817-9_14
DO - 10.1007/978-3-319-72817-9_14
M3 - Conference contribution with ISSN or ISBN
SN - 9783319728162
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 210
EP - 225
BT - Computer Security - ESORICS 2017 International Workshops, CyberICPS 2017 and SECPRE 2017, Revised Selected Papers
A2 - Mylopoulos, John
A2 - Lambrinoudakis, Costas
A2 - Kalloniatis, Christos
A2 - Cuppens, Frederic
A2 - Cuppens, Nora
A2 - Anton, Annie
A2 - Katsikas, Sokratis K.
A2 - Gritzalis, Stefanos
PB - Springer-Verlag
CY - Oslo, Norway
T2 - 3rd Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2017, 1st International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, Both workshops were co-located with 22nd European Symposium on Research in Computer Security, ESORICS 2017
Y2 - 14 September 2017 through 15 September 2017
ER -