TY - GEN
T1 - A comparative review of i*-based and use case-based security modelling initiatives
AU - Daramola, Olawande
AU - Pan, Yushan
AU - Karpati, Peter
AU - Sindre, Guttorm
PY - 2012
Y1 - 2012
N2 - Security requirements elicitation and modelling are integral for the successful development of secure systems. However, there are a lot of similar yet not identical approaches that currently exist for security requirements modelling, which is confusing for researchers and practitioners hence some characterisation will be useful to give a better overview and understanding of advantages and disadvantages of various approaches. This paper provides a comparative review of i*-based and use case - based security modelling initiatives, using a characterisation framework with several dimensions. Our findings show that both categories of initiatives have significant conceptual similarities in the aspect of modelling language and method process, and coverage of security requirements modelling notions. They have conceptual differences in the aspect of: representation perspective, kind of security requirements engineering activities that are supported, the quality of specification that is generated and the specification techniques used, and the degree of support for software evolution.
AB - Security requirements elicitation and modelling are integral for the successful development of secure systems. However, there are a lot of similar yet not identical approaches that currently exist for security requirements modelling, which is confusing for researchers and practitioners hence some characterisation will be useful to give a better overview and understanding of advantages and disadvantages of various approaches. This paper provides a comparative review of i*-based and use case - based security modelling initiatives, using a characterisation framework with several dimensions. Our findings show that both categories of initiatives have significant conceptual similarities in the aspect of modelling language and method process, and coverage of security requirements modelling notions. They have conceptual differences in the aspect of: representation perspective, kind of security requirements engineering activities that are supported, the quality of specification that is generated and the specification techniques used, and the degree of support for software evolution.
KW - -based modelling
KW - i
KW - security requirements
KW - security requirements modelling
KW - use-case based modelling
UR - http://www.scopus.com/inward/record.url?scp=84865019983&partnerID=8YFLogxK
U2 - 10.1109/RCIS.2012.6240434
DO - 10.1109/RCIS.2012.6240434
M3 - Conference Proceeding
AN - SCOPUS:84865019983
SN - 9781457719387
T3 - Proceedings - International Conference on Research Challenges in Information Science
BT - 6th International Conference on Research Challenges in Information Science, RCIS 2012 - Conference Proceedings
T2 - 6th International Conference on Research Challenges in Information Science, RCIS 2012
Y2 - 16 May 2012 through 18 May 2012
ER -