search menu icon-carat-right cmu-wordmark

Combining Security and Privacy in Requirements Engineering

December 2011 Book Chapter
Saeed Abu-Nimeh (Damballa), Nancy R. Mead

In this book chapter, the authors present SQUARE, a security requirements approach, privacy requirement elicitation, and security risk assessment techniques.

Publisher:

IGI Global

ISBN:
1613505086, 9781613505083

Abstract

Security requirements engineering identifies security risks in software in the early stages of the development cycle. In this chapter, the authors present a security requirements approach dubbed SQUARE. They integrate privacy requirements into SQUARE to identify privacy risks in addition to security risks. They present a privacy elicitation technique and then combine security risk assessment techniques with privacy risk assessment techniques.