The Effect of Trust Assumptions on the Elaboration of Security Requirements

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Charles B. Haley Articles by Robin C. Laney Articles by Jonathan D. Moffett Articles by Bashar Nuseibeh

12th IEEE International Requirements Engineering Conference (RE'04)

Kyoto, Japan

September 06-September 10

ISBN: 0-7695-2174-6

	ASCII Text	x
	Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, Bashar Nuseibeh, "The Effect of Trust Assumptions on the Elaboration of Security Requirements," Requirements Engineering, IEEE International Conference on, pp. 102-111, 12th IEEE International Requirements Engineering Conference (RE'04), 2004.

	BibTex	x
	@article{ 10.1109/ICRE.2004.1335668, author = {Charles B. Haley and Robin C. Laney and Jonathan D. Moffett and Bashar Nuseibeh}, title = {The Effect of Trust Assumptions on the Elaboration of Security Requirements}, journal ={Requirements Engineering, IEEE International Conference on}, volume = {0}, year = {2004}, issn = {1090-705X}, pages = {102-111}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICRE.2004.1335668}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Requirements Engineering, IEEE International Conference on TI - The Effect of Trust Assumptions on the Elaboration of Security Requirements SN - 1090-705X SP102 EP111 A1 - Charles B. Haley, A1 - Robin C. Laney, A1 - Jonathan D. Moffett, A1 - Bashar Nuseibeh, PY - 2004 KW - null VL - 0 JA - Requirements Engineering, IEEE International Conference on ER -

Charles B. Haley, The Open University, UK

Robin C. Laney, The Open University, UK

Jonathan D. Moffett, University of York, UK

Bashar Nuseibeh, The Open University, UK

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICRE.2004.1335668

Assumptions are frequently made during requirements analysis of a system-to-be about the trustworthiness of its various components (including human components). These trust assumptions can affect the scope of the analysis, derivation of security requirements, and in some cases how functionality is realized. This paper presents trust assumptions in the context of analysis of security requirements. A running example shows how trust assumptions can be used by a requirements engineer to help define and limit the scope of analysis and to document the decisions made during the process. The paper concludes with a case study examining the impact of trust assumptions on software that uses the Secure Electronic Transaction (SET) specification.

Citation:

Charles B. Haley, Robin C. Laney, Jonathan D. Moffett, Bashar Nuseibeh, "The Effect of Trust Assumptions on the Elaboration of Security Requirements," re, pp.102-111, 12th IEEE International Requirements Engineering Conference (RE'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.