Issue No.01 - January/February (2008 vol.25)
Martin Gilje Jaatun , Sintef ICT
Per H?kon Meland , Sintef ICT
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MS.2008.19
Information security requirements are important in all software engineering projects, not only to ensure the correct level of security in the end product but also to avoid implementing security solutions that turn out to be a bad fit. This article compares methods for eliciting and describing security requirements in software development projects, from the viewpoint of developers without extensive security skills. As the authors argue, all software projects need a well-balanced amount of security awareness from the beginning. This article is part of a special issue on Security of the Rest of Us.
Software engineering, requirements elicitation, security requirements
Martin Gilje Jaatun, Per H?kon Meland, "Security Requirements for the Rest of Us: A Survey", IEEE Software, vol.25, no. 1, pp. 20-27, January/February 2008, doi:10.1109/MS.2008.19