A comparative review of i*-based and use case-based security modelling initiatives

Olawande Daramola*, Yushan Pan, Peter Karpati, Guttorm Sindre

*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceedingConference Proceedingpeer-review

2 Citations (Scopus)

Abstract

Security requirements elicitation and modelling are integral for the successful development of secure systems. However, there are a lot of similar yet not identical approaches that currently exist for security requirements modelling, which is confusing for researchers and practitioners hence some characterisation will be useful to give a better overview and understanding of advantages and disadvantages of various approaches. This paper provides a comparative review of i*-based and use case - based security modelling initiatives, using a characterisation framework with several dimensions. Our findings show that both categories of initiatives have significant conceptual similarities in the aspect of modelling language and method process, and coverage of security requirements modelling notions. They have conceptual differences in the aspect of: representation perspective, kind of security requirements engineering activities that are supported, the quality of specification that is generated and the specification techniques used, and the degree of support for software evolution.

Original languageEnglish
Title of host publication6th International Conference on Research Challenges in Information Science, RCIS 2012 - Conference Proceedings
DOIs
Publication statusPublished - 2012
Externally publishedYes
Event6th International Conference on Research Challenges in Information Science, RCIS 2012 - Valencia, Spain
Duration: 16 May 201218 May 2012

Publication series

NameProceedings - International Conference on Research Challenges in Information Science
ISSN (Print)2151-1349
ISSN (Electronic)2151-1357

Conference

Conference6th International Conference on Research Challenges in Information Science, RCIS 2012
Country/TerritorySpain
CityValencia
Period16/05/1218/05/12

Keywords

  • -based modelling
  • i
  • security requirements
  • security requirements modelling
  • use-case based modelling

Cite this