search menu icon-carat-right cmu-wordmark

Combining Security and Privacy in Requirements Engineering

December 2011 Book Chapter
Saeed Abu-Nimeh (Damballa), Nancy R. Mead

In this book chapter, the authors present SQUARE, a security requirements approach, privacy requirement elicitation, and security risk assessment techniques.


IGI Global

1613505086, 9781613505083


Security requirements engineering identifies security risks in software in the early stages of the development cycle. In this chapter, the authors present a security requirements approach dubbed SQUARE. They integrate privacy requirements into SQUARE to identify privacy risks in addition to security risks. They present a privacy elicitation technique and then combine security risk assessment techniques with privacy risk assessment techniques.